A report published by Radware finds that distributed denial of service (DDoS) attacks are not only increasing in number and volume but, in some instances, lasting as long as 100 hours over six days.
Pascal Geenens, director of threat intelligence for Radware, said that while DDoS attacks can be crippling, most organizations don’t expect them to persist. However, one recent notable Web DDoS attack campaign involved 10 separate waves, with each wave lasting anywhere from four to 20 hours. The Web DDoS attack campaign averaged 4.5 million requests per second (RPS) with a peak of 14.7 million RPS.
In total, there was a 137% increase in the first quarter of 2024 compared to the previous quarter, with new attack vectors such as HTTP/2 Rapid Reset and Continuation floods accounting for a significant portion of those attacks.
In addition, perpetrators of DDoS attacks are increasingly making use of cloud infrastructure provided by Telegram, for example, to launch attacks, said Geenens. That approach eliminates the need to take control of Internet of Things (IoT) devices, which they would otherwise need to constantly replenish once it was discovered those devices had been compromised, he noted.
Most Web DDoS attacks targeted organizations in the Europe, the Middle East and Africa (EMEA) region, largely because of regional conflicts, elections and the 2024 Olympic Games in Paris, the report noted. Hacktivist-driven DDoS attacks are hovering between 1,000 and 1,200 claimed attacks per month in 2024, with Ukraine being the most targeted country.
In addition, the report noted there was only a 16% increase in blocked network-layer attacks per organization, but the average network-layer attack volume per organization grew 127% year over year. Well over half of those attacks (58%) occurred in the Americas. Finance organizations experienced the highest network-layer attack activity (44%), followed by healthcare (17%), technology (10%), government (7.2%), transportation and logistics (5%), and gaming (5%).
The number of malicious DNS queries in the first six months of 2024 has also increased by 76% compared to the total number of queries observed during the whole year in 2023. The largest DNS query flood attack peaked at 811,000 queries per second (QPS).
Web application and API attacks also increased by 22% in the first half of 2024, with North America accounting for 66% of those attacks.
Finally, the number of bad bot transactions increased by 61% year over year in the first half of 2024, with North America accounting for half of those transactions.
In general, the number of attacks that will be launched is only going to increase in volume, said Geenens. Generative artificial intelligence (AI) tools such as ChatGPT make it much simpler to write a few lines of code that can then be used to launch an attack via any number of services, he added.
Cybersecurity teams need to ensure that the targets for these attacks are resilient enough to withstand waves of attacks that can be launched by not just cybercriminal syndicates but also hacktivists, who now make resources available to attack any entity they believe is allied with their perceived enemies.