Ddos 
The World Economic Forum (WEF) annual meeting in Davos-Klosters, Switzerland, was met with a significant increase in Distributed Denial of Service (DDoS) attacks, according to a report from NETSCOUT’s ASERT team. The report reveals a surge in attacks coinciding with prominent political figures’ addresses, disrupting online activity.
NETSCOUT observed over 1,400 DDoS attacks between January 20 and 24, 2025, a period that saw the WEF take place. This volume represents a near doubling of DDoS activity compared to December 2024. The attacks varied in size, vector, and sophistication, with some peaking at 426 Gbps.
The report highlights a shift in tactics throughout the WEF. Initial attacks focused on high-bandwidth DNS reflection amplification, aiming to saturate bandwidth. Later attacks incorporated diverse reflection amplification vectors, likely seeking to maximize disruption. A further shift to TCP-based attacks, including TCP RST/SYN floods and SYN/ACK amplification, was observed, potentially indicating an attempt to exploit different vulnerabilities.
Analysis of attack traffic suggests that the majority targeted telecommunication providers and cloud infrastructure. This pattern aligns with past observations of DDoS campaigns during internationally significant events.
While the report does not attribute the attacks to a specific group, it notes that the Russian-aligned hacktivist group NoName057(16) has been known to target such events. However, the group’s typical use of HTTP flooding, primarily through its DDoSia botnet, differs from the observed attack patterns.
Related Posts:
About The Author
