Europe’s cybersecurity agency has warned that geopolitics is fueling a current increase in denial-of-service (DoS) attacks.
ENISA analyzed 310 publicly reported DoS attacks between January 2022 and August 2023, to compile its ENISA Threat Landscape for DoS Attacks report.
It claimed that two-thirds (66%) were motivated by political reasons or activist agendas, with half (50%) down to the war in Ukraine.
As a result, the most impacted sector during the period was “government administration,” accounting for 46% of attacks.
The report found that in 57% of cases, attacks caused “total disruption” for the victim organization, with users experiencing “severe outages” during the duration of the attack.
Read more on DDoS: HTTP/S DDoS Attacks Soar 487% in Three Years
“Partial disruption was observed in 21% of the incidents, which were said to undergo intermittent outages or severe service degradation,” the report claimed. “Only in 4% of the cases did the attacks cause what was labelled as zero disruption, in which the attack itself was ineffective or the DoS protection of the target that was in place meant that there was no noticeable impact on the target.”
That suggests DDoS mitigation measures still have some way to go.
In October, Google and others revealed a new “rapid reset” zero-day vulnerability that threat actors had been exploiting to launch the biggest DDoS attacks on record, from relatively small botnets.
Google said its exploitation enabled malicious actors to launch a series of DDoS attacks that reached a peak of 398 million requests per second (rps). The previous largest was 46 million rps.