Select Page

Hacktivists step back giving way to professionals: a look at DDoS in Q3 2022

Posted by | Nov 15, 2022 |

<strong>Hacktivists step back giving way to professionals: a look at DDoS in Q3 2022</strong>

Distributed Denial of Service (DDoS) attacks increased consistently in the third quarter of 2022, particularly those conducted by professionals. The number of so-called smart attacks during this term doubled compared to the same period of the last year. Moreover, the proportion of sophisticated DDoS attempts became even more significant: while the number of attacks by hacktivists were markedly notable in the first two quarters of this year, their activity almost vanished in the third one. These and other findings are part of a quarterly DDoS report issued by Kaspersky.

A Distributed Denial of Service (DDoS) attack is designed to stop a website from  functioning normally or disrupt it completely. During an attack (which usually targets government institutions, retail or financial companies, media or other organizations) the victim loses customers due to the unavailability of their website and their reputation suffers.

In Q3 2022, the number of DDoS attacks of all types rose in relation to previous reporting period. According to Kaspersky experts, this is a standard picture: a relatively calm summer is followed by a sharp surge in DDoS activity. Moreover, compared to Q3 2021, the overall number of DDoS attacks rose by 47.87%, while the number of smart, or sophisticated and professionally conducted attacks, doubled.

A comparative number of DDoS attacks: Q3 2022 and Q3 2021 as well as Q2 2022.

Data for Q3 2021 is taken as 100%

What makes the third quarter more remarkable is the continuous drop in non-professional attacks. Although hacktivists were quite passionate and prolific in their DDoS attempts during the first half of 2022, in Q3 they switched to other malicious activity. By Q3, the number of hacktivist DDoS attacks was tending towards zero. Meanwhile, the number of high-quality professional attacks, after a significant increase in Q1, remained at a high level. The targets have not changed either: mainly in the financial and government sectors. Both of these facts reinforce the notion that, from the spring until at least the end of September, professionals were working against these sectors, as reflected in our statistics.

In terms of DDoS attack duration, there were no new records: if Q2 was marked by the longest attack ever observed, Q3 was calmer. On average, attacks lasted about eight hours, with the longest being just under four days. Compared to the previous quarter, this figure seems rather modest, but the figures are still immense. In Q3 of last year, the duration of DDoS attacks was measured in minutes, not hours. The situation remains challenging in this regard.

A comparative duration of DDoS attacks: Q3 2022 and Q3 2021 as well as Q2 2022.

Data for Q3 2021 is taken as 100%

” Since the end of February, we have been observing and thwarting an unusually high amount of amateur hacktivist attacks. However, the number of these kinds of attacks has been gradually declining and by the end of Q3 had returned to normal levels. During this period, we observed plenty of sophisticated attacks aimed at reaching clearly defined goals: for example, to cut media outlets off, or even suspend general operations of government organizations,” comments Alexander Gutnikov, a security expert at Kaspersky.

Read more about DDoS attacks in Q3 2022 on Securelist.

To stay protected against DDoS attacks, Kaspersky’s experts recommend implementing the following measures:

  • Maintain web resource operations by assigning specialists who understand how to respond to DDoS attacks.
  • Validate third-party agreements and contact information, including those made with internet service providers. This helps teams quickly access agreements in case of an attack.
  • Implement professional solutions to safeguard your organization against DDoS attacks. For example, Kaspersky DDoS Protection combines Kaspersky’s extensive expertise in combating cyberthreats and the company’s unique in-house solutions.
  • Know your traffic. Use network and application monitoring tools to identify traffic trends and tendencies. By understanding your company’s typical traffic patterns and characteristics, you can establish a baseline to more easily identify unusual activity that is symptomatic of a DDoS attack.
  • Have a restrictive Plan B defensive posture ready to go. Be in a position to rapidly restore business-critical services in the face of a DDoS attack.

About The Author

Shima Zamil

Social media Marketing, Creative copywriter, Arabic- English translator, and Community management

Related Posts

Globally Only 15% of Organizations have a Cybersecurity Posture ‘Mature’ Enough to Defend against Threats of Hybrid World

Globally Only 15% of Organizations have a Cybersecurity Posture ‘Mature’ Enough to Defend against Threats of Hybrid World

April 3, 2023

6 Ways Managed Detection and Response (MDR) Can Prevent Cyber Breaches

6 Ways Managed Detection and Response (MDR) Can Prevent Cyber Breaches

September 28, 2017

Saudi Esports Federation and Kaspersky join forces to level up cybersecurity in gaming and content creation

Saudi Esports Federation and Kaspersky join forces to level up cybersecurity in gaming and content creation

October 10, 2023

Kids’ appetite for online retail sites grows threefold, amid shift in browsing behavior

Kids’ appetite for online retail sites grows threefold, amid shift in browsing behavior

June 18, 2019

Latest News

Categories

WP Twitter Auto Publish Powered By : XYZScripts.com