EMEA overtakes North America as top DDoS target, says Akamai

For the first time in five years, the EMEA region (Europe, Middle East, and Africa) has surpassed North America as the most targeted area for Distributed Denial-of-Service (DDoS) attacks, according to new research from Akamai Technologies. The report, titled "Fighting the Heat: EMEA’s Rising DDoS Threats," underscores the severity of the situation, revealing that the UK is disproportionately affected, suffering over a quarter (26%) of all attacks in the region. Saudi Arabia and Germany follow as the next most targeted nations, at 22% and 9%, respectively.

The findings are part of Akamai’s latest State of the Internet report, which reveals significant insights into the evolving landscape of cyber threats. Throughout 2023, the number of DDoS attack events in EMEA climbed to nearly 2,500, a figure more than three times higher than those experienced in the Asia-Pacific and Japan (APJ) and Latin American (LATAM) regions combined. The report indicates that geopolitical motives have significantly contributed to the rise in these attacks, with hacktivism and nation-state-sponsored cyber warfare playing a considerable role. This is particularly evident in the ongoing cyber conflict between Ukrainian and Russian actors, where DDoS incidents have proven to be effective tools for politically motivated hacktivists.

One of the most concerning revelations from the report is that EMEA is the only region experiencing a sharp increase in DDoS attacks since January 2019. While DDoS activity in North America has significantly fallen since 2022, cybercriminals have increasingly focused their efforts on the EMEA region. This trend is especially alarming for the financial services sector, where over half (53%) of all global DDoS attacks are aimed at EMEA targets, compared to 43% in North America. The complexity of these attacks is also growing, with over one-third of DDoS events utilising multiple vectors—sometimes as many as 12—such as DNS flood, UDP fragment, and NTP reflection.

The report also highlights the alarming ease and affordability with which these attacks can be carried out. The emergence of DDoS booster services means that some attacks can be launched for as little as GBP £8.50 (USD $10), making it simpler for cyber criminals to orchestrate large-scale disruptions. Targets frequently include the Domain Name System (DNS), a critical and foundational service whose disruption can have widespread impacts on internet functionality.

Richard Meeus, Akamai’s Director of Security Technology and Strategy for EMEA, commented on the findings: "Europe is under siege from the growing DDoS threat, and the ongoing Russia-Ukraine and Israel-Hamas wars are playing a significant role. As the region approaches several high-profile events such as the UK and EU elections, and the summer of sports, cybercriminals will continue to turn up the heat. It is critical that organisations protect their digital assets and shield their DNS infrastructure to avoid being burnt."