DDoS protection company StormWall analyzed the attacks carried out against its international clients in Q3 2022. Researchers recorded a 90% increase in DDoS activity compared to the same period in 2021.
The highest activity of threat actors was in the telecommunications sector. Entertainment was the second most attacked industry, and fintech became a close third. Many attacks were performed by politically motivated hacktivists, working on organized groups sometimes consisting of hundreds of thousands of members. Attacks were also unusually strong, thanks to the emergence of several new open source tools. Some of the application layer floods in the period exceeded 200,000 packets per second.
The largest number of attacks was recorded in the telecom sector (43.2% of attacks). The number of attacks in this industry increased by 7 times compared to Q3 2021. As many teams continue to operate remotely post Covid, companies rely on telecom services to drive critical business processes. The main goal of threat actors was exertion and blackmail, but many attacks targeting the Russian telecommunications industry were performed by hacktivists.
Entertainment was the second most affected industry (21.8% of attacks). The number of attacks on the sector increased by 18 times compared to Q3 2021. This is the fastest growth rate recorded in the study. However, the share of attacks on entertainment is slowly shrinking. This can be attributed to the decreasing consumption of online content as quarantine measures are being lifted, and comparatively high activity of hacktivists in other areas.
The third most attacked sector is Fintech (16,3% of attacks). The number of attacks increased by 9 times since Q3 2021. Most of the attacks are attributed to politically motivated threat actors targeting Russian financial companies, including government and privately owned banks.
The fourth largest share was observed in the e-commerce industry, (14,8% of attacks). The number of attacks increased by 7 times since Q3 2021.
Additionally, 2,1% of attacks took place in the education sector, where StormWall researchers recorded a 6 times increase in attacks compared to Q3 2021. This growth is attributed to hacktivist activity. In logistics, StormWall observed 1.3% of attacks and a 30% increase compared to the same period in 2021.
Of all recorded attacks, 73% were carried out on the application layer, and 19% were packet floods directed at the network and transport layers of the OSI model. 3% targeted DNS services and the remaining 5% — other protocols.
“We’ve been seeing an unusually high number of attacks by politically motivated actors, who put the telecom sector under fire and caused the share of incidents in the entertainment industry to reduce. Most attacks took place in the first two months of the quarter, which suggests a period of calm, but it’s going to be temporary. Hacktivists are unlikely to stop and they also developed DDoS tools that are now in the hands of all actors. We should brace for a difficult 4th quarter”, says Ramil Khantimirov, CEO and co-founder of StormWall.
Read next: Azure DDoS protection for SMBs is now available in the preview