- Average number of botnet nodes in the region quadruples to 16,000, enabling attackers to launch more powerful DDoS attacks.
- UAE tops the list of recorded attacks, followed by Saudi Arabia, Iran and Israel.
The first quarter of 2024 witnessed a staggering 183 per cent year-on-year increase in Distributed Denial of Service (DDoS) attacks across the Middle East and North Africa (MENA) region.
The primary driver behind this surge was the escalation of hacktivism, fueled by the ongoing Israeli-Palestinian conflict and the geopolitical alignments of many MENA countries with Russia.
According to a report by StormWall, the average number of botnet nodes in the region quadrupled to 16,000, enabling attackers to launch more powerful DDoS attacks through horizontal scaling and “carpet bombing” techniques.
Botnet nodes quadruple
The significant increase in the size of botnets, which are networks of infected devices controlled by malicious actors, has given them the capability to overwhelm targeted networks and systems, causing widespread disruption.
The report revealed that government services bore the brunt of these attacks, accounting for 34 per cent of all incidents in the region and experiencing a 218 per cent year-over-year increase.
The energy sector was the second most affected, with an 18 per cent share and a 206 per cent year-over-year increase in attacks.
“Hackers have strategically targeted critical infrastructure, including supervisory control and data acquisition (SCADA) systems and energy management systems (EMS), in an effort to disrupt operations and threaten business continuity,” the report said.
The data also highlights the vulnerability of countries with developed economies. The United Arab Emirates topped the list, with 21 per cent of recorded attacks, followed by Saudi Arabia at 18 per cent, Iran at 14 per cent, and Israel at 12 per cent.
The prominent positioning of these countries underscores the significant role of political and ideological motives, rather than financial gain, in driving the malicious activity.
The report noted that the surge in attacks in Iran coincided with parliamentary election campaigns, while Israel has been targeted by hacktivists and Advanced Persistent Threat (APT) groups due to the ongoing Israel-Palestine conflict.
Additionally, Palestine has surpassed Jordan in the number of attacks, further emphasising the geopolitical nature of these incidents.
Looking at the breakdown of attacks by protocol, the report found that 83 per cent targeted the HTTP and HTTPS protocols, while attacks on TCP and UDP protocols came in second with 10 per cent. Notably, DNS attacks saw a significant increase from 3 per cent last year to 5 per cent in the first quarter of 2024.