Adverse Trendsetter

DDoS activity in APAC reveals unfortunate trends.

Satellite map of the Asia-Pacific region with a blue overlay
NETSCOUT

In the first six months of 2022, adversaries launched more than 1.3 million distributed denial-of-service (DDoS) attacks against organizations in the Asia-Pacific (APAC) region, which is made up of more than 35 countries. 

Sociopolitics at Work

As we thoroughly discuss in War, Religion, and Politics: A Battleground For DDoS, sociopolitical events continue to motivate hacktivists, which was clearly evident in the APAC region for the first part of the year. When the conflict between Russia and Ukraine began in February, DDoS attacks against both countries escalated significantly. However, when other countries showed support for either side, attacks were then focused on those countries.
 
A good example can be seen in Taiwan, which experienced the region’s highest daily volume of activity in late March, with just under 4,000 DDoS attacks. This massive escalation occurred on the same day that a governmental representative criticized Russia’s invasion of Ukraine; likewise, a significant portion of the IP addresses used in the attacks originated from Russia.
 
Another example of the growing influence that sociopolitics has on hacktivist behavior can be seen in India, which had the unenviable distinction of having the second-highest number of attacks for all countries in the APAC region. As with Taiwan, DDoS attack volume ramped up considerably when the country abstained from United Nations Security Council and General Assembly votes condemning Russia’s invasion.

Broadband Networks Under Fire

In terms of the vertical industries most often targeted in the APAC region, communications-related organizations have the dubious honor of being the most frequent target for DDoS attacks. In fact, most of the attacks targeting South Korea—which was the most-targeted country for DDoS during the first half of the year—were directed at broadband access provider networks.

Likewise, an Australian broadband operator was the target for the highest-bandwidth DDoS attack during the six-month reporting period. The highest-throughput DDoS attack in the region targeted a large cloud operator in Singapore. And the majority of DDoS attacks against China targeted cloud-hosting providers, wired and wireless telecommunication providers, and telecommunications-related resellers.

Communications Providers in the Crosshairs

Attacks against communications providers have steadily increased over the years, not only in APAC but globally. Within the APAC region, three of the top targets in this vertical industry were wired carriers, wireless providers, and cloud-based providers. For more than a year, we’ve been tracking increases in attacks against the “all other telecommunications” segment, which includes internet services and VoIP providers. Not only did this sector see a 59 percent increase in 2021, but it also saw a 31 percent increase for the first half 2022. 
 
Overall, the trends for APAC illustrate that malicious actors continue to learn and build upon successes they experience in terms of attack type and target. Learn more about the DDoS attack trends for the APAC region in the 1H 2022 DDoS Threat Intelligence Report.

Check out the full NETSCOUT DDoS Threat Intelligence Report.