Akamai Technologies has released a new State of the Internet report that has revealed DDoS attack events are rising the fastest in Europe, the Middle East and Africa (EMEA). Titled Fighting the Heat: EMEA’s Rising DDoS Threats, the report has found that in the EMEA region, the United Kingdom is bearing the brunt of over one-quarter (26%) of all DDoS attacks in the region, followed by Saudi Arabia (22%) and Germany (9%) as the top three most targeted nation-states.
Throughout 2023, the number of EMEA DDoS attack events climbed to almost 2,500, more than three times as high as those experienced in the Asia Pacific and Japan (APJ) and Latin America (LATAM) combined.
The complexity and severity of DDoS attacks have been transformed by geopolitical motives, which is why there’s been an increase in hacktivism and nation-state-sponsored attacks alike. DDoS is a popular tool in the toolboxes of politically motivated hacktivists and nation-state–sponsored attackers. For example, in the ongoing cyber war between Ukrainian and Russian actors, DDoS incidents have played a significant role as hacktivists have found these low-cost attacks to be effective.
A graph of events and statistics
Description automatically generated with medium confidence
Other key findings of Fighting the Heat: EMEA’s Rising DDoS Threats include:
EMEA overtook North America as the most attacked region in 2024: As of Q1 2024, EMEA overtook North America as the most attacked region for DDoS attack events for the first time in five years.
EMEA is the only region experiencing a sharp increase in DDoS attacks: Since January 2019, DDoS attacks in the EMEA region have consistently risen - whereas they’ve significantly fallen in North America since 2022.
Cybercriminals are expanding their vector portfolio: More than one-third of DDoS events use multiple attack vectors — as many as 12 — to increase success, with DNS flood, UDP fragment, and NTP reflection proving the most popular.
EMEA financial services are targeted more than any other region: Over half (53%) of all DDoS attacks in the financial services sector are aimed at targets based in EMEA. North America is the second most targeted region in the FS vertical, trailing EMEA at 43%.
A popular DDoS target: Of all the DDoS attack types, those targeting the Domain Name System (DNS) are among the most prevalent. DNS is such a popular target for DDoS attacks because of the impact malicious traffic can have on this critical and foundational service.
DDoS attacks are getting cheaper and easier to run: Sometimes costing as little as £8.50 (€10), the emergence of services such as DDoS booster services is assisting cybercriminals in their bid to cripple organisations both financially and operationally.
Richard Meeus, Director of Security Technology and Strategy, EMEA at Akamai, said: “Europe is under siege from the growing DDoS threat and the ongoing Russia-Ukraine and Israel-Hamas wars are playing a significant role. As the region approaches several high-profile events such as the UK and EU elections, and the summer of sports, cybercriminals will continue to turn up the heat. It is critical that organisations protect their digital assets and shield their DNS infrastructure to avoid being burnt.”
