Bad Actors Innovate, Extort and Launch 9.7M DDoS Attacks in 2021 According to the Latest NETSCOUT Threat Intelligence Report

Ransomware Gangs, DDoS-for-Hire Services, and Server Class Botnet Armies Make Attacks Easier to Launch with Greater Sophistication

London – 22 March 2022 NETSCOUT SYSTEMS, INC., (NASDAQ: NTCT) today announced findings from its bi-annual Threat Intelligence Report. During the second half of 2021, cybercriminals launched approximately 4.4 million Distributed Denial of Service (DDoS) attacks, bringing the total number of DDoS attacks in 2021 to 9.75 million. These attacks represent a 3% decrease from the record number set during the height of the pandemic but continue at a pace that’s 14% above pre-pandemic levels.

The report details how the second half of 2021 established high-powered botnet armies and rebalanced the scales between volumetric and direct-path (non-spoofed) attacks, creating more sophisticated operating procedures for attackers and adding new tactics, techniques, and methods to their arsenals.

“While it may be tempting to look at the decrease in overall attacks as threat actors scaling back their efforts, we saw significantly higher activity compared to pre-pandemic levels,” said Richard Hummel, threat intelligence lead, NETSCOUT. “The reality is that attackers are constantly innovating and adapting new techniques, including the use of server-class botnets, DDoS-for-Hire services, and increased used direct-path attacks that continually perpetuate the advancement of the threat landscape.”

Other key findings from the NETSCOUT 2H2021 Threat Intelligence Report include:

  • DDoS Extortion and Ransomware Operations are on the rise. Three high-profile DDoS extortion campaigns simultaneously operating is a new high. Ransomware gangs including Avaddon, REvil, BlackCat, AvosLocker, and Suncrypt were observed using DDoS to extort victims. Because of their success, ransomware groups have DDoS extortion operators masquerading as affiliates like the recent REvil DDoS Extortion campaign.
  • VOIP Services were Targets of DDoS Extortion. Worldwide DDoS extortion attack campaigns from the REvil copycat were waged against several VOIP services providers. One VOIP service provider reported $9M-$12M in revenue loss due to DDoS attacks.
  • DDoS-for-Hire services made attacks easy to launch. NETSCOUT examined 19 DDoS-for-Hire services and their capabilities that eliminate the technical requirements and cost of launching massive DDoS attacks. When combined, they offer more than 200 different attack types.
  • APAC attacks increased by 7% as other regions subsided. Amid ongoing geopolitical tensions in China, Hong Kong, and Taiwan, the Asia-Pacific region saw the most significant increase in attacks year over year compared to other regions.
  • Server-class botnet armies arrived. Cybercriminals have not only increased the number of Internet-of-Things (IoT) botnets but have also conscripted high-powered servers and high-capacity network devices, as seen with the GitMirai, Meris, and Dvinis botnets.
  • Direct-path attacks are gaining in popularity. Adversaries inundated organisations with TCP- and UDP-based floods, otherwise known as direct-path or non-spoofed attacks. Meanwhile, a decrease in some amplification attacks drove down the number of total attacks.
  • Attackers targeted select industries. Those hardest hit include software publishers (606% increase), insurance agencies and brokers (257% increase), computer manufacturers (162% increase), and colleges, universities, and professional schools (102% increase)
  • The fastest DDoS attack recorded a 107% year-over-year increase. Using DNS, DNS amplification, ICMP, TCP, ACK, TCP RST, and TCP SYN vectors, the multi-vector attack against a target in Russia recorded 453 Mpps.

NETSCOUT’s Threat Intelligence Report covers the latest trends and activities in the DDoS threat landscape. It covers data captured from NETSCOUT’s Active Level Threat Analysis System (ATLAS™) coupled with insights from NETSCOUT’s ATLAS Security Engineering & Response Team.

The visibility and insights compiled from the global DDOS attack data, which is represented in the Threat Intelligence Report and can be seen in the Omnis Threat Horizon portal, fuel the ATLAS Intelligence Feed used across NETSCOUT’s Omnis security portfolio to detect and block threat activity for enterprises and service providers worldwide.

Visit our interactive website more information on NETSCOUT’s semi-annual Threat Intelligence Report. You can also find us on Facebook, LinkedIn, and Twitter for threat updates and the latest trends and insights.

Schools welcome new spending but universities are left with unanswered questions

Russell Tilsed – Senior Director of Public Services at 8×8, shares his thoughts on the 2021 Autumn budget, what it means for education, and how universities can stay top of the class.


In his Autumn budget statement, Rishi Sunak declared that he would bring spending on education, in real terms, back to 2010 levels – promising an extra £4.7 billion for schools by 2024/5. While this cash boost will certainly be welcome in schools across the UK, it’s worth remembering that in effect, it is only undoing past cuts. The fact that the extra cash equates to £1,500 per pupil serves to illustrate how far spending had fallen behind.


As Geoff Barton, General Secretary of the Association of School and College Leaders, said: “This still represents no growth in school funding for 15 years… school and college budgets are very thinly stretched, and the financial situation continues to be extremely difficult.”


The increase in spending for schools will be accompanied by an additional £1.8 billion for recovery and catch up over the next three years, however, helping schools to recuperate from 10 years of cuts. A new £560 million fund to support numeracy in adults will support the Government’s stated goal of ‘leveling up’ life chances across the country. And the continued support for the T levels, a new range of vocational courses 16–19-year old’s, will help address the UK’s skills gap.


The one area that seems to have been left behind, though, is Higher Education. There is no mention in the budget of extra cash for universities. As David Hughes, Chief Executive of the Association of Colleges said: “Government’s consistent refusal to increase the funding per student post-16 is baffling. The funding per adult will not have gone up in 14 years by the end of 2024/25, unlike in schools where per pupil funding will match 2010/11 levels in real terms.”


The UK is rightly proud to be home to 28 of the world’s top 500 universities (second only to the United States) including the world’s number one, Oxford. However, in 2021, the UK saw 36 of its universities drop down the rankings while 28 rose. Other countries – notably China, Australia and Canada – made significant gains. If the UK is to keep its place at the top of the league table, the UK government should provide funding to help universities and colleges to modernize their infrastructures and improve and evolve staff and student experiences to deliver better educational outcomes.


One sure way to enhance experiences for staff and students is by leveraging digital technology to create a connected campus. Modern unified communications tools can help universities re-imagine the way students, staff and lectures connect with each other. Some of the benefits include:


  • The ability for admin, lecturers, and students to connect from anywhere, on any device
  • The ability to conduct remote seminars and one-to-ones through Microsoft Teams
  • The option for students to attend lectures through video – either live, or recorded
  • Extra support for clearing week with short-term ‘pop-up’ omni-channel contact centres
  • A secure and reliable network
  • Real time engagement for students and parents through integrated chat, voice, and video
  • Ease of management for all communications channels through a single console


UK universities must not be left behind in the current digital revolution. During the first lockdown schools, from primary to higher education, quickly adjusted and delivered education in new ways. The learnings from these experiences provide an excellent foundation for building the way forward.


It is not just technology, but also the ability to use the technology that determines effectiveness. Now is the time to ensure universities have the skill sets, technology and processes that extend recent adaptations into permanent methods of increasing affordable access to education. Achieving this will require a sustained commitment to funding digital transformations that improve organisational resilience, reimagine education delivery, and transform the staff and student experience.


If the UK is to remain at the forefront of higher education, the government must continue to invest more in universities and help them remain leaders on this important topic.  





About 8×8

8×8, Inc. (NYSE: EGHT) is transforming the future of business communications as a leading Software-as-a-Service provider of 8×8 XCaaS™ (eXperience Communications as a Service™), an integrated contact center, voice communications, video, chat and API solution built on one global cloud communications platform. 8×8 uniquely eliminates the silos between Unified Communications as a Service (UCaaS) and Contact Center as a Service (CCaaS) to power the communications requirements of all employees globally as they work together to deliver differentiated customer experiences. For additional information, visit www.8×, or follow 8×8 on LinkedIn, Twitter, and Facebook.


8×8®, 8×8 XCaaS™, eXperience Communications as a Service™, and 8×8 Global Reach™ are trademarks of 8×8, Inc.


About Russell Tilsed, Senior Director – Public Sector, 8×8


With over 20 years of industry experience, Russell leads the 8×8 team of cloud communications experts dedicated to the public sector. Since joining 8×8 in 2010, Russell has partnered with IT leaders in the NHS, local and central government organisations to design and deploy cloud communication solutions that underpin their ability to digitally transform and ensure reliable service delivery.