The number of DDoS attacks has increased significantly worldwide in recent years. They are also becoming more complex and powerful.
In Distributed Denial-of-Service (DDoS) attacks, cybercriminals attempt to disrupt the normal functioning of a network, server or service by overwhelming the target or surrounding infrastructure with a deluge of Internet traffic.
In its most recent cyber threat report (1), the European Union Agency for Cybersecurity (ENISA) notes a significant increase in DDoS attacks, mainly due to the ongoing conflict in Ukraine. Among other things, the European Parliament was the victim of a large-scale attack last November that was subsequently claimed by a pro-Russian group.
Moreover, DDoS attacks are becoming larger and more complex and are moving to mobile networks and the IoT. The American company Cloudflare saw the largest-ever attack on its network a few weeks ago. At the height of that attack, 17 million requests per second were said to have been fired off (2).
One type of attack that is on the rise is the so-called ransom DDoS. In the process, cybercriminals try to extort money from organisations by threatening them with a DDoS attack. The reverse is also possible: a DDoS attack is launched and then a ransom is demanded from the victim to stop the attack.
More volumetric and complex
These trends, albeit on a smaller scale, can also be seen at Belnet. Because of the extensive expertise our network engineers have built up in mitigating such attacks, they have great insights into what is changing in the DDoS landscape.
"Cybercriminals are becoming increasingly targeted and professional. Customers without specific DDoS protection are often shocked by the huge impact on their business continuity."
"The DDoS attacks on the Belnet community are becoming increasingly widespread. That is why we have had to deploy our Cloud Scrubbing Center more frequently over the past year," explains network architect Grégory Degueldre. "In particular, the attacks are more volumetric than before and bypass the previous internal anti-DDoS solution. They have also become more complex: several attack vectors are deployed simultaneously."
One of the R&E institutions connected to the Belnet network suffered a very sophisticated attack in 2022. The Belnet team provided advice and assistance to the organisation to mitigate the attack. "Cybercriminals are becoming increasingly targeted and professional. Customers without specific DDoS protection are often shocked by the huge impact on their business continuity," says Grégory Degueldre.
Educational institutions and governments are favoured targets
Research by Check Point Research (CPR) shows that, last year, education and research sectors were the top targets for hackers worldwide, followed by government agencies and healthcare (3).
At the Belnet level, federal institutions, universities and colleges were substantially affected by DDoS attacks in 2022. Whereas certain customers used to be spared from these types of attacks, there are now few who can boast that they have never been affected.
"Attacks are not only being amplified at layers 3 and 4 of the OSI model, but are also increasingly succeeding in compromising application firewalls. Some customers feel powerless against this and appeal to Belnet. Although Belnet does not offer application-level protection, by working closely with the customer it is still possible to combat the most difficult attacks," concludes Grégory.