Internet distributed denial of service (DDoS) assaults rose by 265% within the first half of 2024 in comparison with H2 2023, in response to new findings from Radware.
Software-layer DNS DDoS exercise additionally tripled from H2 2023 to H1 2024, whereas a 16% improve in locked network-layer DDoS assaults was noticed in the identical interval.
The researchers highlighted rising worldwide geopolitical tensions as a serious driver of this development, with hacktivist teams claiming between 1000 to 1200 DDoS assaults monthly within the first six months of 2024.
Ukraine the Most Focused Nation
Ukraine was probably the most closely focused nation by hacktivists throughout H1 2024, adopted by the US, Israel, India and Moldova.
The Ukrainian domains rada.gov.ua and tax.gov.ua had been probably the most focused by DDoS assaults since January 2023, Radware discovered.
Professional-Russia group NoName057(16) was probably the most lively hacktivist risk actor throughout H1 2024, often collaborating with different teams just like the Cyber Military of Russia Reborn to focus on Ukraine and different nations.
Probably the most distinguished attacker collectives concentrating on Israel included RipperSec, 1915 Group, Sylhet Gang, Nameless Muslims, LulzSec Indonesia, Group ARXU, StarsX Group and Darkish Storm Group.
The researchers famous that the US was an essential goal for DDoS-as-a-service suppliers to show their proof-of-capability to potential prospects. The Telegram teams Channel DDoS v2, ZeusAPI Providers and Krypton Networks claimed probably the most assaults concentrating on the US within the first six months of 2024.
Learn now: Menace Actors Weaponize Hacktivism for Monetary Achieve
Moreover, India and Pakistan confronted frequent DDoS assaults by hacktivists.
Pascal Geenens, Radware’s Director of Menace Intelligence, commented: “World-wide geopolitical tensions, together with conflicts in Europe and the Center East, in addition to worldwide occasions, like nation elections, Eurovision, UEFA Euro, and the Olympics, proceed to drive malicious exercise.”
He added: “Within the again half of the yr, we count on assaults to proceed to climb, as extra risk actors undertake AI expertise democratized via more and more highly effective and publicly out there massive language fashions. The gravity of the upcoming election in the USA and considerations over decelerating monetary markets are additionally set to gas cyber disruption.”
DDoS Assaults Rising in Depth
The report discovered that Internet DDoS assaults have elevated in frequency and depth in H1 2024. Virtually 3% of net DDoS assaults had been over 1 million RPS and round 17% had been between 100,000 and 250,000 RPS.
Moreover, the fraction of Internet DDoS assaults under 50,000 RPS decreased from 74% in H2 2023 to 55% in H1 2024.
Radware additionally highlighted a six-day assault marketing campaign concentrating on a UAE monetary establishment throughout H1 2024. The assault consisted of a number of 4 to 20-hour Internet DDoS assault waves totaling 100 hours of Internet DDoS and sustaining a median of 4.5 million RPS with a peak of 14.7 million RPS.
The attackers gave up after six days and 100 hours of producing malicious net requests. The marketing campaign was attributed to hacktivist risk group SN_BLACKMETA by Radware. The agency additionally believes that the infrastructure leveraged in the course of the assault may very well be a part of the InfraShutdown premium DDoS-for-hire service.
Internet Software and API Assaults Enhance
The researchers additionally noticed a 22% rise in net utility and API assaults in H1 2024 in comparison with H2 2023.
The commonest net utility assault method was vulnerability exploitation, making up 32.9% of assaults. This was adopted by entry violation (9.98%), knowledge leakage (4.83%) and SQL injection (2.3%).
Round two-thirds (66%) of net assaults functions and APIs positioned in North America. Purposes in EMEA accounted for 23% of the assault exercise.
Moreover, unhealthy bot transactions elevated by 61% in H1 2024, with North America experiencing round half of this exercise.
