DDoS Threat Landscape Report 2024: Increase in cyber attacks worldwide

Imperva DDoS Threat Report 2024
DDoS attacks on hospitals increase by 236 percent

The results of Imperva's 2024 DDoS Threat Landscape Report show that Distributed Denial of Service (DDoS) attacks are increasing worldwide, particularly affecting companies in the telecommunications, healthcare and gaming sectors.

DDoS attacks remain a favorite weapon of cybercriminals to bring down websites and services. Networks, servers and applications are overloaded with traffic until they fail and are no longer accessible.

Although this threat has been around for a long time, its scale and sophistication are increasing. One important reason for this is the easy access to DDoS tools. Automation and availability as a service on the dark web have made it possible to launch large-scale attacks with limited technical knowledge. This “democratization” has increased the pool of potential attackers, making it more important than ever for companies to strengthen their defenses. This is shown by the results of the new DDoS Threat Landscape Report 2024 from Imperva, a Thales company.

In relation to the individual sectors, the findings are as follows:

• 89 percent Increase in DDoS attacks related to sporting events.

• 548 percent Increase in attacks on telecommunications companies and ISPs.

• 236 percent DDoS threats in the healthcare sector increased.

• 208 Further attacks were also recorded in the gaming industry.

The increase in DDoS attacks is due to the following sources and companies should consider the following recommendations to prevent this threat:

• Mirai botnet variants: Continuous monitoring and updates are critical to mitigate threats from new variants of the Mirai botnet.

• AI and cybersecurity: As AI lowers the barriers for cyber attackers, investing in AI-driven defenses is becoming increasingly important. The goal on both sides is to use automation to minimize manual work and scale quickly.

• Evolving threat groups: It provides information on the activities of the most important hacker groups in order to identify new threats and prepare accordingly.

The results also illustrate the dimension of the attacks:

• 111 percent more DDoS attacks defused: In the first half of 2024, 111 percent more DDoS attacks were mitigated than in the same period in 2023, underscoring the need for robust security measures.

• Largest application layer DDoS attack: In February 2024, an application-layer DDoS attack reached an unprecedented 4.7 million requests per second (RPS).

• DNS attacks increase by 215 percent: The number of DNS attacks increased by 215 percent in the first half of 2024 compared to the same period in 2023.

• 483 percent bandwidth growth in DNS amplification attacks: In 2023, the average size of a DNS amplification attack increased by 483 percent.

Two completely new types of DDoS attacks on the application layer were also observed:

HTTP/2 Rapid Reset Attacks: HTTP/2 Rapid Reset is a relatively new type of attack that was first observed in 2023. It is a denial-of-service vulnerability categorized as CVE-2024-44487 that affects the HTTP2 protocol and allows HTTP clients to open a stream and abort it immediately afterward. These repeated open/abort operations, if done in large numbers, can overload the server.

HTTP/2 continuation frame attacks: Recently, HTTP/2 Continuation Frame attacks, a new type of Layer 7 DDoS attack, have taken off. These attacks exploit vulnerabilities in the HTTP/2 protocol by continuously sending smaller streams of fragmented requests to overload servers. This method allows attackers to bypass traditional defenses and cause significant disruption with relatively low volumes of traffic. The increase in these complex attacks shows that the threat landscape is evolving and that increased security measures are needed to protect critical infrastructure.

(ID:50160178)