ENISA confirms: DDoS threat situation remains extremely precarious

  • Fabian Sinner
  • December 12, 2023

Table of content

    ENISA confirms: DDoS threat situation remains extremely precarious

    The year 2023 and cyberattacks are unfortunately closely intertwined. The risk of falling victim to a cyberattack is always present, but the dangers for companies were particularly acute in the last 12 months. Especially when we talk about DDoS attacks.

    The hacker group Anonymous Sudan, for example, bombed the chatGPT service provided by Open AI until it was inaccessible for a long time. NoName057(16), another hacker group that carries out cyberattacks under the guise of politics, launched the dangerous DDoSia project to make DDoS attacks freely accessible to anyone interested.

    It has also become clear that artificial intelligence (AI) is increasingly being used to control DDoS attacks. This makes the attacks smarter and therefore more dangerous. Conventional protection systems that have not implemented their own AI can be quickly overcome and no longer pose much of an obstacle.

    The third quarter of 2023 gave us a taste of the future

    Link11 data from the third quarter of 2023 clearly shows that the trend is changing from “classic” DDoS attacks to a smarter, more effective approach. While single-vector attacks and attacks with nine or more vectors decreased, our experts saw a 116% increase in attacks with five to eight vectors.

    The figures suggest that cybercriminals are more effective at testing their victims’ systems for vulnerability and are not unnecessarily firing the entire attack load at well-protected targets. Instead, inadequately protected targets are sought out, which are then attacked in a more focused manner. As a result, attacks bounce off defenses much less frequently and now strike in far more worthwhile locations.

    ENISA’s latest DDoS situation report is worrying

    As it does every year, the European Union Agency for Cybersecurity (ENISA) has published its status report on the current DDoS market situation. ENISA analyzed 310 selected DDoS attacks in the period from January 2022 to August 2023.

    The conclusion: attacks are not only increasingly being used as “ammunition for political motivations”, but the threat has also developed into a “massive danger” due to new vectors and attack patterns.

    ENISA also points out that DDoS attacks are becoming cheaper, easier, and more aggressive. New players, in the form of surprisingly well-coordinated hacker groups, have entered the playing field and are launching major attacks without having to worry about possible penalties.

    The study confirms the findings of our Q3 figures that no one is safe from DDoS attacks. However, a clear shift in attacks towards the public sector can be observed. State administration was the target of 46% of all attacks analyzed. 66% of all attacks were generally politically motivated, and 50% of the analyzed attacks had a direct link to the Russian-Ukrainian war.

    One statistic, however, is particularly striking: 56.8% of all analyzed attacks resulted in a complete collapse of the target. Websites or services were no longer accessible; the victim was completely incapacitated on a digital level.

    How many companies or organizations suffered at least severe performance losses due to attacks is not detailed in the report. However, it can be assumed that far more than the 56.8% mentioned above at least had to deal with unpleasant consequences – even if the worst-case scenario could be prevented.

    Rely on a proven partner

    Effective DDoS protection for the public sector should not only be fast and accurate in detecting attacks, but should also strictly comply with EU data protection regulations. Our automated and patented link protection solution fulfills all these points.

    During the height of the Covid19 pandemic, we made the basic version of our DDoS protection available free of charge to all public health, government, and educational organizations. Not only did we help many authorities that were victims of cyberattacks at the time, but we were also able to optimize our technology down to the smallest detail for the specific needs of the sector. This means you can benefit from a solution that has already proven itself in the public sector in an absolutely exceptional situation.

    A large number of authorities, public-sector companies, and companies in the KRITIS sector, such as German air traffic control, Frankfurt airport operator Fraport AG and energy supplier Mainova, already trust us and our security technology.

    Reliable protection saves a lot of headaches

    AI-based DDoS protection solutions for IT infrastructures and web applications that develop and improve themselves are the best way to ensure reliable protection. Scalable and automated technology mitigates DDoS attacks of any kind within the shortest possible time and protects you from all attacks around the clock.

    Let’s discuss your individual risk prevention strategy together. Start by arranging a non-binding appointment with our security experts to see how we can help.

    Contact us now >>

    VOIP and DOS / SPIT – History and Challenges
    WorldHostingDays.usa: Link11 presents DDoS protection solutions for the industry