DDos attacks up 183% in MENA amid geopolitical tensions: StormWall

The first quarter of 2024 witnessed an unprecedented surge in Distributed Denial of Service (DDoS) attacks across the MENA region, with a staggering 183 per cent year-on-year increase, as reported by cybersecurity firm StormWall.

This dramatic rise is primarily attributed to heightened hacktivism fueled by geopolitical tensions in the region, particularly the ongoing Israeli-Palestinian conflict.

Understanding DDoS attacks

Distributed Denial of Service (DDoS) attacks are a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming it with a flood of internet traffic.

These attacks are executed using multiple compromised computer systems as sources of attack traffic.

In essence, DDoS attacks aim to render the targeted systems unusable by saturating them with an excessive volume of requests, thereby causing significant operational disruptions and financial losses.

Key findings from StormWall’s Q1 2024 report:

Hacktivism and geopolitical tensions

The escalation of the Israeli-Palestinian conflict significantly contributed to the rise in hacktivism-related DDoS attacks.

Government services were heavily targeted, representing 34 per cent of all incidents and experiencing a 218 per cent increase compared to the previous year.

The conflict’s intensification, since October 2023, has been a catalyst for the surge in cyber activities aimed at disrupting governmental operations.

Energy sector under siege?

The energy sector was the second most targeted industry, accounting for 18 per cent of the attacks and witnessing a 206 per cent year-over-year increase.

Hackers aimed at critical infrastructure, including supervisory control and data acquisition (SCADA) systems and energy management systems (EMS), with the intent to disrupt operations and compromise business continuity.

Growth in botnet nodes

There was a notable increase in the number of botnet nodes used for launching attacks, which quadrupled from 4,000 to 16,000 in Q1 2024, highlights the report. This expansion in botnet capacity has enabled attackers to execute more potent DDoS attacks, particularly “carpet bombing” tactics.

These attacks indiscriminately flood a network with traffic across a wide range of IP addresses, making the infrastructure vulnerable to widespread disruption. Carpet bombing attacks saw a 264 per cent increase year-on-year.

Protocol-based attacks

A significant portion of the attacks (83 per cent) targeted the HTTP and HTTPS protocols, essential for web traffic and secure communications.

Attacks on TCP and UDP protocols constituted 10 per cent, while DNS attacks saw a notable increase from 3 per cent to 5 per cent compared to the previous year. These attacks are critical as they disrupt domain name services, which are vital for the internet’s functionality.

Countries targeted

The UAE (21 per cent), Saudi Arabia (18 per cent), and Iran (14 per cent) were the most targeted countries in the MENA region in Q1 2024. The rise in attacks co-incide with geopolitical tensions and once again highlights just how prominent politically motivated attacks are in today’s DDoS threat landscape.

The surge in DDoS attacks highlights the growing cyber threat landscape in the MENA region, driven by hacktivism and geopolitical tensions.

The increase in the number of botnet nodes and the diversity of targeted protocols indicate a sophisticated and evolving threat environment, notes the StormWall report, implying that private and public entities need to bolster their cybersecurity infrastructure.

As the geopolitical situation continues to evolve, the frequency and intensity of DDoS attacks in the region are expected to persist, concludes the report.

It is crucial for entities in the MENA region to adopt advanced security frameworks and proactive defence strategies to safeguard their infrastructure against these disruptive cyber threats.

Read: AI and cybersecurity: Microsoft’s strategy for the digital era