In the first half of 2024 [1] [2] [3] [4] [5], global Web distributed denial of service (DDoS) attacks saw a significant surge, with organizations in EMEA being the primary target [1].
Description
Radware reported a record-breaking six-day Web DDoS attack campaign on a financial institution [1] [2] [3], with multiple waves lasting 4- to 12-hours each [1] [2] [3], totaling 100 hours of attack time and reaching an average of 4.5 million RPS with a peak of 14.7 million RPS [2] [3]. Network-layer DDoS attack volumes also increased significantly [1], with average DDoS volume blocked per organization growing by 293% in EMEA, 116% in the Americas [1], and 302% in APAC [1]. The Americas faced 58% of global attacks [1] [2], while EMEA accounted for 23% of attacks but mitigated 56% of the global volume [1]. Finance organizations were the most targeted globally [2], followed by healthcare [1] [2] [3] [5], technology [1] [2] [4], and government [1] [2]. Application-layer DNS DDoS activity tripled from H2 2023 to H1 2024 [5], while a 16% increase in locked network-layer DDoS attacks was observed in the same period [5]. Ukraine was the most heavily targeted country by hacktivists during H1 2024 [5], followed by the US [5], Israel [2] [5], India [2] [5], and Moldova [5]. Pro-Russia group NoName057(16) was the most active hacktivist threat actor during H1 2024 [5], frequently collaborating with other groups like Executor DDoS and Cyber Army of Russia Reborn to target Ukraine and other countries [5]. Web DDoS attacks have increased in frequency and intensity in H1 2024 [5], with almost 3% of attacks being over 1 million RPS [5]. Additionally, the fraction of Web DDoS attacks below 50,000 RPS decreased from 74% in H2 2023 to 55% in H1 2024 [5]. North America and the Asia-Pacific region also experienced significant increases in attacks [4], with the democratization of AI technology enabling threat actors to enhance the scale and sophistication of their attacks [4]. Radware warns of worsening cyber threats in 2024 [4], with major events like the US elections and economic uncertainties likely exacerbating the situation [4], urging businesses to invest in advanced cybersecurity solutions to protect against evolving threats and safeguard sensitive data and operational continuity [4].
Conclusion
The increase in Web DDoS attacks in the first half of 2024 poses a significant threat to organizations, especially in EMEA. With the potential for cyber threats to worsen in the coming months, it is crucial for businesses to prioritize cybersecurity measures and invest in advanced solutions to mitigate risks and ensure the protection of critical data and operational functions.
References
[1] https://markets.businessinsider.com/news/stocks/radware-s-first-half-2024-report-web-ddos-attacks-climb-265-1033694105
[2] https://www.radware.com/newsevents/pressreleases/2024/radware-first-half-2024-report/
[3] https://www.stocktitan.net/news/RDWR/radware-s-first-half-2024-report-web-d-do-s-attacks-climb-nikftcai92r5.html
[4] https://www.scoop.co.nz/stories/SC2408/S00034/surge-in-cyber-threats-radware-reports-265-increase-in-ddos-attacks-during-first-half-of-2024.htm
[5] https://www.infosecurity-magazine.com/news/geopolitical-tensions-drive-ddos/
