Critical DDoS threat situation persists: government organizations increasingly under attack

SECURITY INSIGHTS | April 26, 2023

No relief at the start of the year: the number of attacks on websites, Internet portals and APIs in the first quarter of 2023 is at the high level of the previous year. Government organizations, in particular, are increasingly being targeted by cybercriminals.

The analysis of mitigation data from Myra's Security Operations Center (SOC) shows a persistently high threat level for websites, online portals and APIs in the first quarter of 2023.

The number of requests defended against by Myra was at about the same level as at the end of 2022. The majority of malicious requests were the result of orchestrated attacks by organized cyber actors - especially government agencies were the focus of the attackers.

Three times higher: year-on-year comparison shows massive increase in attacks

In contrast, a comparison with the first quarter of 2022 shows a significant increase in malicious requests. Here, our security engineers observed an increase of 220 percent. January is the month that stands out the most. At the beginning of the new year, the number of malicious requests increased by 348 percent year-on-year.

Public authorities must increasingly expect cyberattacks

As was the case last year, public administration is particularly in the focus of attackers. Around two critical attacks per month and customer were recorded by the Myra SOC for the public administration sector. Without dedicated security solutions, these attacks would have inevitably led to the downtime of the targeted websites, citizen portals and specialist IT procedures.

“The security of German public authorities has always been in the crosshairs. The risk level has probably gone from high to very high because of the Ukraine war,” Christian Dörr, head of cybersecurity at the Hasso Plattner Institute in Potsdam, said at the Potsdam Conference on National Cybersecurity. BSI Vice President Gerhard Schabhüser, speaking at the same event, called on smaller municipalities in particular to outsource IT services to suitable professionals: “Don't do your IT yourself, use service providers.”

Well informed with Myra

Subscribe to our LinkedIn newsletter “Myra IT Security Insights” which provides you with the most important updates on cybersecurity, defense & mitigation and compliance on a monthly basis.