Alarming complexity, resilience and frequency of cybercrime threats

More than 8.4 million DDoS attacks targeting IT infrastructures, cloud, mobile networks, and IoT devices reinforce increased risk for global enterprises and service providers.

  • Wednesday, 19th February 2020 Posted 4 years ago in by Phil Alsop

NETSCOUT SYSTEMS, INC. has released the findings of its Threat Intelligence Report for the second half of 2019, which also incorporates insights from its 15th Annual Worldwide Infrastructure Security Report™ (WISR™) survey. The report underscores the proliferation of risks faced by global enterprises and service providers. These organisations must now not only defend IT infrastructures, but also manage risks caused by increased Distributed Denial of Service (DDoS) attacks on customer-facing services and applications, mobile networks, and unsecured IoT devices.


“We’ve uncovered some disturbing statistics,” stated Hardik Modi, AVP, engineering, threat and mitigation products, NETSCOUT. “By weaponising new attack vectors, leveraging mobile hotspots, and targeting compromised endpoint IoT devices, attackers are increasingly finding ways to infiltrate our internet-connected world. They are getting more sophisticated by using a minuscule portion of the available vulnerable devices to carry out a successful attack. The largest OpenVPN DDoS attack we observed used less than one per cent of the available reflectors connected to the internet. Botmasters are waiting in the wings, since the risk will only increase in 2020 when an estimated 20.4 billion more devices are connected to the internet.”

NETSCOUT’s Threat Intelligence Report analyses the global threat landscape, including DDoS campaigns, advanced persistent threat (APT) groups, IoT vulnerabilities, and crimeware. This report also includes findings from the WISR, an annual global survey of network, security, and IT decision-makers across enterprise and service provider organisations.

Key findings from the Threat Intelligence Report and WISR include:

  • Attackers weaponised seven new UDP reflection/amplification vectors and combined variations of existing well-known attack vectors to launch pinpoint-focused DDoS attacks
  • Carpet-bombing tactics increased vertical sector attack activity; satellite telecommunications witnessed a 295% increase in attacks
  • Adversaries discovered how to use advanced reconnaissance to target client services at well-protected targets like ISPs and financial institutions to amplify attacks against specific enterprises and network operators
  • Wireless communications companies experienced a 64% increase in DDoS attack frequency from 2H 2018 to 2H 2019, mainly due to the increased tendency of gamers to use their phone services as wireless hotspots, as well as the popularity of gaming on mobile devices with 4G or LTE connectivity
  • Mirai-based variants dominated the second half of 2019 with a 57% increase targeting 17 system architectures; ASERT honeypots reflect this growth with an 87% increase in the number of exploit attempts
  • Service provider respondents to the WISR reported a 52% increase in DDoS attacks on publicly exposed service infrastructures compared to 38% the previous year