A new report from NETSCOUT Sytems reveals a troubling trend in the intersection of cyberwarfare and global sociopolitical events, as Distributed Denial of Service (DDoS) attacks increasingly become a tool for disruption during moments of national vulnerability. The 2H2024 DDoS Threat Intelligence Report highlights how hackers are leveraging DDoS attacks to sow chaos and erode trust in institutions, particularly targeting critical infrastructure across governments, businesses, and service providers.
The findings show that throughout 2024, DDoS attacks surged in response to key political events. Israel experienced a staggering 2,844% increase in attacks, linked to hostage rescues and ongoing political conflicts. In Georgia, attacks spiked by 1,489% ahead of the controversial passage of the “Russia Bill.” Mexico saw a 218% rise in DDoS incidents during its national elections, while in the United Kingdom, attacks jumped 152% as the Labour Party resumed parliamentary sessions.
“DDoS has emerged as the go-to tool for cyberwarfare,” said Richard Hummel, director of threat intelligence at NETSCOUT. “NoName057(16) continues to be the leading actor for politically motivated DDoS campaigns targeting governments, infrastructure, and organizations. In 2024, they repeatedly targeted government services in the United Kingdom, Belgium, and Spain.”
AI and Automation Accelerate the Threat
The report highlights how artificial intelligence (AI) and automation are making DDoS-for-hire services more powerful and accessible. Around 90% of DDoS-for-hire platforms now use AI-powered CAPTCHA bypassing, allowing attackers to automate large-scale attacks with minimal effort. New techniques such as carpet bombing, geo-spoofing, and IPv6 exploitation have expanded the attack surface, enabling even novice hackers to launch sophisticated assaults on critical infrastructure.
While overall botnet populations declined by 5% in 2024, the report warns that botnets remain resilient despite global takedown efforts. Attackers continue to exploit enterprise servers and routers to amplify their impact and complicate remediation efforts. Even as law enforcement agencies intensify crackdowns—such as Operation PowerOFF, which targeted DDoS-for-hire platforms—new attack infrastructures quickly emerge, sustaining global attack volumes.
A Persistent and Evolving Threat
DDoS attackers are proving increasingly adaptive, evolving their tactics faster than cybersecurity defenders can respond. Governments, enterprises, and service providers remain primary targets, requiring a shift toward intelligence-driven cybersecurity strategies to mitigate modern DDoS threats.
“Staying ahead of new threats demands that organizations outmaneuver an adversary that can force-multiply its strength, speed, intelligence, and persistence like nothing the world has ever seen,” the report states.
With visibility into two-thirds of the routed IPv4 space, NETSCOUT’s monitoring network provides a comprehensive picture of the global DDoS threat landscape. In 2H2024, the company observed peak global traffic exceeding 700 terabits per second (Tbps) and tracked tens of thousands of DDoS attacks daily, driven by botnets and millions of compromised devices.
As DDoS attacks continue to evolve, experts warn that without proactive defense strategies and increased international cooperation, cybercriminals will remain one step ahead—exploiting geopolitical tensions to disrupt economies and institutions on an unprecedented scale.
