DDoS attacks against web apps and APIs surge
Globally, the average number of DDoS attacks per customer grew by 94 percent in 2023, according to a new report from Radware.
"The technological race between good and bad actors has never been more intense," says Pascal Geenens, Radware's director of threat intelligence. "With advancements like Generative AI, inexperienced threat actors are becoming more proficient and skilled attackers more emboldened. In 2024, look for attack numbers to climb and attack patterns, like the shift in Web DDoS attacks, to continue to evolve."
The geopolitical situation has led to a rise in hacktivism attacks around the world. Globally, the most targeted web category in 2023 was government with 2,694 claimed attacks. Business/economy and travel websites ranked second and third, with 1,793 and 1,624 attacks respectively.
"In 2023, geopolitical conflicts and ideological and religious motivations fueled cyber operations and online campaigns," explains Geenens. "New hacktivist tactics first introduced in 2022 after Russia invaded Ukraine spread and accelerated. Hacktivist-driven DDoS activity peaked in October of 2023, reaching record levels, following the conflict between Israel and Hamas."
Tactics have shifted too. Almost 95 percent of the attacks targeting DNS services leveraged DNS-A query floods. DNS query flood vectors increased more than three-fold from fewer than nine out of every 1,000 attack vectors before the fourth quarter of 2022 to 28 out of every 1,000 during the fourth quarter of 2023.
Total malicious web application and API transactions increased by 171 percent in 2023 compared to 2022. A significant part of this increase in activity can be attributed to layer 7 encrypted web application attacks or Web DDoS attacks.
Retail (37 percent) and transportation (19 percent) were the industries most targeted by global web application and API attack activity. Software as a service (eight percent), carrier (eight percent), and utility (four percent) round out the top five most attacked industries.
The full report is available on the Radware site.