Adversaries Take Aim at North American Cloud Service Providers
Organizations looking to improve efficiencies, cut costs, and enhance business processes are increasingly turning to cloud service providers to accomplish those goals. It’s estimated that 60 percent of all corporate data will be stored in the cloud this year. And by 2025, the amount of data stored in the cloud is expected to reach 175 zettabytes—a 61 percent increase from today.
Although 94 percent of enterprises say that cloud adoption has resulted in online security improvements, there’s no question that cyber attackers are aware of these trends and are redoubling their efforts to get at the valuable data stored by cloud service providers.
This is clear from the number of distributed denial-of-service (DDoS) attacks launched in 1H 2022 against North America. As explained in the 1H 2022 DDoS Threat Intelligence Report, North America accounts for only about 17 percent of global DDoS attacks in this six-month timeframe. Nevertheless, cloud-related service providers experienced a 54 percent increase in DDoS attacks in that same timeframe.
Continued Focus on Direct-Path Attacks, 5G Networks
Moreover, adversaries continued to focus their efforts on direct-path attacks, which enabled them to bypass network security measures such as source address validation (SAV). As such, TCP SYN, ACK, and RST floods made up about half of the attacks that targeted cloud service providers in the region.
While cloud service providers experienced the largest increase in DDoS, attackers also continued to focus on other service providers. Wireless service providers continued to draw the attention of attackers, driven in large part by the proliferation of 5G networks in North America.
In 1H 2022, wireless telecommunications providers experienced a 12 percent increase in DDoS attacks from the second half of 2021, and we expect this trend will continue as businesses increasingly turn to 5G networks for faster speeds, lower latency, and higher data throughput.
Attacks Against Elementary and Secondary Schools Almost Double
While not related to service providers, one other trend emerged that deserves attention. As we explained in our last report, it’s become quite common for anyone to purchase a DDoS attack on the dark web. Unfortunately, it appears that knowledge has trickled down to students who attend primary schools.
Attacks against elementary and secondary schools increased by 95 percent during the first half of the year, signaling that the use of DDoS attacks by increasingly younger people appears to be an unfortunate trend. In fact, attacks against elementary and secondary schools were so prevalent that, for the first time, those institutions made the top 10 list of targets.
We’ve long understood that students in professional schools and universities will launch attacks to avoid going to class. But the trickle-down effect on schools with younger students should be noted and addressed by IT and security professionals in this vertical.
Learn more about the DDoS attack trends for North America by reading the 1H 2022 DDoS Threat Intelligence Report.