Latest News

Geopolitical Unrest Provides Opportunities for Threat Actors

Although the pandemic continues to influence the media landscape, it seems that cybercriminals are also taking advantage of other geopolitical events to launch attacks.

As detailed in NETSCOUT’s 2H 2021 Threat Report*, the total number of distributed denial-of-service (DDoS) attacks decreased from 5.4 million in the first half of 2021 to 4.4 million in H2 – with most geographical regions experiencing fewer attacks during the latter part of last year.

However, a notable exception is the Asia Pacific (APAC) region, which saw more than 1.2 million attacks during that timeframe – a seven per cent increase from the first half of 2021. Interestingly, NETSCOUT’s threat team had observed a steady decline in annual attack frequency for this region – until now. A likely cause of the increase is the geopolitical tensions between China, Hong Kong, and Taiwan – with all three nations historically using DDoS attacks as a tool to disrupt online traffic and activities.

Philippe Alcoy, APAC security technologist for NETSCOUT, has made the following comments about this trend, and the likely assumptions:

“Geopolitical unrest tends to increase the risk of DDoS attacks being launched against nations and regions. To gain a better understanding of the ways in which threat actors are using cyberattacks in relation to geopolitical events, it is worth considering the following attacks or incidents relating to the APAC region during the second half of 2021.

“In mid-July of 2021, China was publicly condemned for a series of cyberattacks**, including ransomware, cyberextortion, and crypto-jacking, in an effort to steal trade secrets, business information, intellectual property, and vaccine research. Charges were levelled against four Chinese nationals believed to be part of APT40, a group linked to the PRC Ministry of State Security.

“Further to this, in November, the director for Taiwan’s cybersecurity department stated that the country’s government agencies were being hit with 5 million cyberattacks and probes every day***. Taiwanese officials claim that China has increased cyberattacks targeting Taiwan’s government and businesses alongside China’s efforts to make democratic Taiwan part of its own territory. Given the obvious propensity for cyberattacks between China, Hong Kong and Taiwan, DDoS attacks in the region have increased alongside escalating tensions.

“As these geopolitical conflicts illustrate, DDoS attacks are progressively being utilised as part of geopolitical protest and waged to impact the governments and vital organisations of countries around the world.”

For more information about regional attack trends, visit