Skip to content
Information Technology

Radware 2024 report: malicious web application and API transactions rise 171% driven by layer 7 web DDoS attacks

Radware 2 mins read

 

  • DDoS attacks per customer nearly double
  • Web DDoS attacks relentlessly continue throughout the year
  • DNS query flood vectors increase more than three fold
  • Government, business/economy, and travel websites face the most hacktivist claimed DDoS attacks worldwide

 

Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, released its 2024 Global Threat Analysis Report.

 

“The technological race between good and bad actors has never been more intense,” said Pascal Geenens, Radware’s director of threat intelligence. “With advancements like Generative AI,

inexperienced threat actors are becoming more proficient and skilled attackers more emboldened. In 2024, look for attack numbers to climb and attack patterns, like the shift in Web DDoS attacks, to continue to evolve.”

 

Radware’s comprehensive report leverages intelligence provided by network and application attack activity sourced from Radware’s Cloud and Managed Services, Global Deception Network, and threat intelligence research team during 2023. In addition, it draws from information found on Telegram, a public messaging platform often used by cyber criminals.

 

Radware’s report reveals key themes about the emerging threat landscape.

 

DDoS Attacks Surge Unprosecuted

“With almost two years of illegal denial of service left un-prosecuted following Russia’s invasion of Ukraine and the unfettered rise of hacktivism, the threshold into a life of cyber crime has reached a new low,” said Geenens. “We have yet to see DDoS attacks used as a mainstream vehicle to settle disagreements or differences, but plenty of groundwork has been laid by proficient hacktivists.”

 

Between the close of 2022 and 2023 DDoS attacks rose worldwide:

  • Globally, the average number of DDoS attacks per customer grew by 94%. On a regional basis, the increase in the number of DDoS attacks targeting customers varied:
    • EMEA rose 43%
    • The Americas grew 196%
    • APAC climbed 260%
  • The Americas were targeted by almost half of all global DDoS attacks. The EMEA region, accounting for 39% of the DDoS attacks, mitigated 65% of the global DDoS attack volume. The APAC region accounted for almost 12% of global DDoS attacks.

 

Hacktivists Attack with Unrelenting Conviction

“In 2023, geopolitical conflicts and ideological and religious motivations fuelled cyber operations and online campaigns,” explained Geenens. “New hacktivist tactics first introduced in 2022 after Russia invaded Ukraine spread and accelerated. Hacktivist-driven DDoS activity peaked in October of 2023, reaching record levels,following the conflict between Israel and Hamas.”

 

According to data gathered from Telegram:

  • Number of attacks: In the first half of 2023, threat actors claimed 5,606 attacks. During the second half, this number increased by 24% to 6,971 claimed DDoS attacks.
  • Geographic targets: In 2023, Israel was the country most targeted by hacktivists with 1480 DDoS attacks, followed by India (1242 attacks) and the United States (1164 attacks).
  • Top claiming actors: With 3,391 claimed DDoS attacks, NoName057(16) was by far the most active hacker group in 2023, followed by Anonymous Sudan (793 attacks) and Executor DDoS v2 (765attacks).
  • Website targets: Globally, the most targeted web category in 2023 was government with 2,694 claimed attacks. Business/economy and travel websites ranked second and third, with 1793 and 1624 attacks respectively.

 

Web DDoS Attacks Emerge as a Threat

“Throughout 2023, we observed a global shift in DDoS tactics as attacks grew more sophisticated, catchingcompanies off guard and hitting where it hurts most,” reported Geenens. “Increasingly, DoS attacks progressed toLayer 7, giving rise to damaging Web DDoS threats. Layer 7 attacks target not just online applications and their APIs, but also essential infrastructure, such as the Domain

Name System.”

  • In 2023, almost 95% of the attacks targeting DNS services leveraged DNS-A query floods.
  • DNS query flood vectors increased more than three-fold from fewer than 9 out of every 1,000 attack vectors before the fourth quarter of 2022 to 28 out of every 1,000 during the fourth quarter of 2023.
  • The total malicious web application and API transactions increased by 171% in 2023 compared to 2022. A significant part of this increase in activity can be attributed to layer encrypted web application attacks or Web DDoS attacks.

 

Industries Face Disproportionate Assaults

“In 2023, finance, retail and research and education saw the highest share of cyber attacks among leading industries worldwide,” said Geenens. “These high-value targets attract malicious actors because of the lucrative and sensitive data they store, the widespread disruption and publicity they generate when breached, and the tactical advantage they serve in hybrid warfare.”

 

  • Global DDoS attack activity:
    • Finance and technology organisations bore 29% and 22% of the attacks respectively, approximately half of which were encrypted web attacks.

 

    • Healthcare experienced 14% of the attacks, with 92% of the attack activity consisting of TCPattack vectors.
    •  
    • The government had to fend off 12% of the attacks, with the most aggressive attacks (45%)coming in the form of DNS-A query floods.

 

  • Global web application and API attack activity:
    • Retail (37%) and transportation (19%) were the most attacked industries. Software as a service (8%), carrier (8%), and utility (4%) rounded out the top five most attacked industries.
    • Organisations in research and education (32%), telecom (25%), technology (19%), finance (10%), and healthcare (6%) were most targeted by DNS flood attacks.

 

Radware’s complete 2024 Global Threat Analysis Report can be downloaded here.

 

 

More from this category

  • Information Technology
  • 17/07/2024
  • 09:10
Edelman for Juniper Networks

Juniper Networks Introduces Industry’s First Ops4AI Lab and Validated Designs to Maximize AI Workload Performance using Open and Flexible Infrastructure that is Easy to Manage

Accelerated time-to-value with assured Networking for AI configurations using Juniper, AMD, Broadcom, Intel, NVIDIA SUNNYVALE, CA., July 16, 2024– Juniper Networks® (NYSE:JNPR), a leader in secure, AI-Native Networking, today announced the first and most comprehensive multivendor lab for validating end-to-end automated AI Data Center solutions and automated operations with switching, routing, storage and compute solutions from leading vendors, as well as new Juniper Validated Designs (JVDs) that accelerate the time-to-value in deploying AI clusters. In addition, Juniper is releasing new key software enhancements that optimize the performance and management of AI workloads over Ethernet. Through these Operations for AI—Ops4AI—initiatives, Juniper…

  • Information Technology, Internet
  • 17/07/2024
  • 09:01
Edelman for Juniper Networks

Juniper Networks Introduces Industry’s First Ops4AI Lab and Validated Designs to Maximize AI Workload Performance using Open and Flexible Infrastructure that is Easy to Manage

Accelerated time-to-value with assured Networking for AI configurations using Juniper, AMD, Broadcom, Intel, NVIDIA SUNNYVALE, CA., July 16, 2024– Juniper Networks® (NYSE:JNPR), a leader in secure, AI-Native Networking, today announced the first and most comprehensive multivendor lab for validating end-to-end automated AI Data Center solutions and automated operations with switching, routing, storage and compute solutions from leading vendors, as well as new Juniper Validated Designs (JVDs) that accelerate the time-to-value in deploying AI clusters. In addition, Juniper is releasing new key software enhancements that optimize the performance and management of AI workloads over Ethernet. Through these Operations for AI—Ops4AI—initiatives, Juniper…

  • Contains:
  • Information Technology
  • 17/07/2024
  • 00:11
Dash Hudson Inc.

Dash Hudson Selected as Data Partner for EMARKETER’s PRO+ Product Solution

NEW YORK, July 16, 2024 (GLOBE NEWSWIRE) -- Dash Hudson, a leading social media management platform, has been selected as a strategic data partner for EMARKETER's PRO+ product solution. This collaboration enables marketers to access benchmark performance data across key social platforms such as TikTok, Instagram, YouTube, Pinterest, Facebook and X.“At Dash Hudson, we believe in the power of data to transform social media marketing strategies. By providing marketers with real-time, actionable insights, we empower them to stay ahead in a constantly evolving digital landscape,” said Kate Kenner Archibald, Chief Marketing Officer, Dash Hudson. “Our partnership with EMARKETER underscores our…

Media Outreach made fast, easy, simple.

Feature your press release on Medianet's News Hub every time you distribute with Medianet. Pay per release or save with a subscription.