Distributed denial-of-service (DDoS) attacks have become the dominant tactic for cyber warfare, with countries like Israel, Georgia, Mexico and Turkey experiencing a significant spike in such incidents during 2024, according to a new report.
A DDoS is often defined as a cyber attack in which perpetrators use co-ordination and multiple computers to overwhelm a network server with internet traffic, which then prevents users from accessing services and websites. They are essentially a more powerful version of a denial-of-service attack (DoS), which is only carried out by one nefarious actor.
“DDoS attacks are outpacing many traditional cyber-threats,” a report released by NetScout Systems, a cyber protection solutions provider, said on Wednesday. “They are precision-guided digital weapons, capable of disrupting infrastructure at critical moments.”
NetScout said that geopolitical unrest and continuing social strife were playing a significant role in the spike in DDoS attacks. According to the NetScout report, Israel had a 2,844 per cent surge in DDoS attacks in 2024, while Georgia had a 1,489 per cent increase, and Mexico experienced a 218 per cent increase.
The DDoS attacks in Israel were largely related to the continuing Israel-Gaza war, whereas Georgia's DDoS attacks were the result of continuing tensions with Russia, while Mexico's DDoS attacks were related to the country's national elections. Geopolitical events related to Syrian refugees prompted a 437 per cent increase in DDoS attacks in Turkey as well, NetScout's report said.
“The findings show how attackers exploit moments of national vulnerability to amplify chaos and erode trust in institutions, as they target the critical infrastructure of governments, commercial entities and service providers,” a synopsis of the NetScout report explained. NetScout said that the company observed 8,911,312 DDoS attacks in the second half of 2024, a 12 per cent increase compared to the first half of the year.
“DDoS has emerged as the go-to tool for cyberwarfare,” said Richard Hummel, director of threat intelligence at NetScout.
Artificial intelligence is also playing a significant role in the proliferation of DDoS attacks. “AI is being utilised for Captcha bypassing, with automation advancing towards capabilities such as behaviour mimicry and real-time attack adjustments,” the company's report read in part.
“AI-driven automation, proxy-based application-layer floods, and evolving DDoS-for-hire services using turnkey reconnaissance capabilities and full-scale attack orchestration ensure these campaigns remain relentless while lowering the barrier to entry.”
Tracing the origins of DDoS attacks is also becoming more difficult, due to threat actors increasingly using ISP-spoofing and geo-spoofing techniques.
According to the US Cybersecurity and Infrastructure Security Agency (CSIS), there is no way to completely prevent DDoS attacks, but there are DDoS protection services that can help reduce the threat of attacks. CSIS also recommends the installation of firewalls and basic anti-virus software. NetScout's report concludes, however, that a legacy IT defence mentality is no longer effective when it comes to “modern DDoS” attacks.
“Security teams must move beyond reactive mitigation and embrace proactive, intelligence-driven defence strategies that disrupt attackers before they strike,” the report said. “It’s about outmanoeuvring an adversary that is smarter, faster, more organised, and more relentless than ever, especially as DDoS evolves into a non-attributable cyberweapon for geopolitically motivated actors.”