• Home
• /
• Tech
• /
• Business

One in five DDoS attacks in Q1 were targeted at the UAE

DDoS attacks surge 183% in Mena, hacktivism to blame

More than one in five (21 per cent) of distributed denial-of-service (DDoS) attacks in the Middle East and North Africa (Mena) region were targeted at the UAE in the first quarter of this year, research shows.

According to StormWall’s DDoS Attacks Report for Q1 2024, DDoS attacks in the Mena region increased by 183 per cent year-on-year. StormWall’s network, which processes up to 4500 Gbit/s at peak loads and has points of presence in Dubai, scrubs DDoS traffic for hundreds of businesses — from enterprises to local SMEs.

Apart from the UAE, Saudi Arabia (18 per cent) and Iran (14 per cent) were the most targeted countries in the Mena region in Q1 2024. “The high ranking of Iran and Israel (12 per cent) once again highlights just how prominent politically motivated attacks are in today’s DDoS threat landscape,” the report said.

The ongoing Israeli-Palestinian conflict fueled a surge in hacktivism in Q1 2024. Government services bore the brunt of these attacks, accounting for 34 per cent of all incidents in the region and experiencing a 218 per cent year-over-year increase. “The escalation of conflict, particularly Iran’s direct attack on Israel on April 13, 2024, further intensified DDoS activity,” the report said.

The energy sector was the second most attacked vertical in Q1 2024, with a 18 per cent share and a 206 per cent year-over-year increase in attacks. Hackers focused on critical infrastructure, targeting supervisory control and data acquisition (SCADA) systems and energy management systems (EMS) to disrupt operations and threaten business continuity.

The report showed that DDoS attacks became more sophisticated in the region during the quarter. This was manifested in the average number of botnet nodes quadrupling from 4,000 to 16,000. This growth in botnet capacity enables attackers to launch more powerful DDoS attacks, particularly carpet bombing attacks, which increased by 264 per cent year-over-year. Carpet bombing attacks target a wide range of IP addresses within a network, saturating the entire infrastructure with traffic.

Looking at the breakdown of attacks by protocol, 83 per cent targeted the HTTP and HTTPS protocols. Attacks on TCP and UDP protocols came in second with 10 per cent.

One of the biggest changes seen in the first quarter was the increase in attacks over the DNS protocol. DNS reflection and amplification attacks are capable of generating enormous amounts of malicious traffic that is directed to the victim’s server. While last year these types of attacks averaged only about three per cent, the number jumped to five per cent in Q1, StormWall data showed.

“As we move forward, by understanding the evolving threat landscape and implementing robust DDoS mitigation strategies, businesses can protect themselves from the growing risks posed by politically and financially motivated attackers,” the report said.