"Record-Breaking Year for DDoS Attacks Targeting Russia"

According to Russia's largest internet service provider, Russian organizations were deluged with web and DDoS attacks last year in a bid to disrupt operations, deface websites, and "sow panic." Rostelecom said in a new report that in 2022 it recorded "a record-breaking DDoS attack in terms of power and duration." The most powerful attack was 760Gb/s, around twice as big as 2021's top attack. The company noted that the longest DDoS lasted 2000 hours or about three months. The company analyzed data on almost 600 companies from industries including telecoms, retail, finance, and the public sector and recorded 21.5 million web attacks in total. The vast majority (79%) of these were DDoS, although vulnerability exploitation, including SQL injection, path traversal, local file inclusion, and cross-site scripting, made up another 11%. OS command injection attacks comprised a further 10%. The company noted that most DDoS attacks used a "carpet bombing" tactic of targeting multiple IP addresses for a single organization within a short timeframe. However, after a sharp spike in attacks in the first two quarters of the year following the invasion of Ukraine, attacks apparently became more targeted and sophisticated.

Infosecurity reports: "Record-Breaking Year for DDoS Attacks Targeting Russia"