Report reveals surge in advanced DDoS attacks for 2024
Cybersecurity expert Imperva, now under the Thales banner, has published its 2024 DDoS Threat Landscape report, examining distributed denial-of-service (DDoS) attack activities from the first half of 2024. The report indicates a significant increase in both the volume and sophistication of these cyber threats.
The report underscores the impact of automation and the widespread availability of DDoS tools, which have enabled individuals with limited technical knowledge to execute substantial attacks. This democratisation has broadened the pool of potential attackers.
Imperva recorded a 111% uptick in the number of mitigated DDoS attacks compared to the same period in 2023. February 2024 saw the largest application DDoS attack, reaching an unprecedented 4.7 million Requests Per Second (RPS). Besides, a marked increase (483%) in the bandwidth size of DNS Amplification attacks was observed in the second half of 2023.
The report also highlights particular industries that were intensely targeted. The financial services sector was the most targeted, making up 23.8% of all Layer 7 DDoS attacks. Not only did this sector face numerous attacks, but it also experienced the most powerful ones in terms of RPS, which culminated in a combined RPS of 118 million during the first half of 2024.
Other sectors experienced significant surges in attack volume. Telecommunications and Internet Service Providers (ISPs) saw a 548% increase, which underscores their essential role in maintaining Internet connectivity. Attacks on healthcare organisations went up by 236%, posing potential risks to critical services and patient data. The gaming industry saw a 208% rise, disrupting online gaming experiences and associated financial transactions. Additionally, industries tied to major sporting events experienced an 89% increase in DDoS attacks, reflecting the attractiveness of these high-profile events to cybercriminals.
Geopolitical factors continue to shape the DDoS threat landscape. Political tensions have been a significant driver of such cyber activities. In the Middle East, unrest led to a 118% increase in attacks on Israel. The ongoing conflict between Russia and Ukraine resulted in a staggering 519% surge in attacks on Ukraine. Additionally, a competitive cybersecurity atmosphere precipitated an 84% increase in DDoS attacks targeting China.
To help organisations brace for these evolving threats, the report suggests several key measures. In anticipation of politically motivated DDoS attacks, heightened vigilance and robust cybersecurity measures are essential during election periods. Continuous monitoring is crucial to counter threats from new variants of the Mirai botnet. As artificial intelligence reduces the entry barriers for cyber attackers, investing in AI-driven defense mechanisms becomes increasingly critical. Lastly, staying informed about the activities of major hacking groups can help organisations anticipate and prepare for emerging threats.