NETSCOUT comments: Geopolitically motivated DDoS attackshave become a constant feature of our daily lives. Not a day goes by without us reading about the successful DDoS attacks launched by various hacker groups that have an impact that can be felt across national borders.

Above all, the pro-Russian hacktivist group NoName057 (16) is responsible for numerous attacks against states, state institutions, organisations and companies of all kinds. The attacks are particularly directed against the Western world and the USA, which are presented here as the Russian enemy. NoName057(16) operates DDoSIA, a unique gamified botnet that is used to carry out these attacks very effectively. Countries such as Moldova and Romania, but also Japan and Belgium, have recently been targeted by such attacks. Since November 2024, Switzerland has also been the target of geopolitical DDoS attacks by NoName057 (16).

Cyber attacks in the DACH region

The DACH region is considered a popular target for DDoS attacks. The Threat Intelligence Report for the first half of 2024 shows that Switzerland has the longest average duration of DDoS attacks in the region, with about 65 minutes per attack, followed by Austria with almost 57 minutes and Germany with 54 minutes. On 21 January 2025, Swiss banks and Lucerne municipalities were already targeted by DDoS attacks. Subsequently, the World Economic Forum (20-24 January) was targeted by the pro-Russian hacktivist group NoName057 (16). The actual damage caused by the attacks was limited, indicating that they were used primarily as a means of generating attention. In November 2024, Swiss elections were already the target of such attacks: On voting Sunday, 24 November, a DDoS attack on the provider Backslash paralysed numerous municipal websites for several hours. Just a few days later, on 27 November, another DDoS attack hit the leading hosting provider Hostpoint, causing temporary outages.

Conclusion

Switzerland should not be the only country to prepare for further DDoS attacks at the local and national level. This cyber attack method has seen a rapid increase in the geopolitical context over the last few years. The NETSCOUT Threat Intelligence Report found that between 2023 and 2024, targeted DDoS attacks on key global industries, including financial services, healthcare and telecommunications, more than doubled, increasing by 55%. The implementation of robust detection and defence strategies, coupled with a high level of cyber threat intelligence, therefore remains crucial to successfully strengthening resilience against cyber attacks for organisations worldwide.