Distributed Denial of Service (DDoS) attacks are becoming more dangerous, as the volume and sophistication of such attacks continue to grow, according to recent reports by cybersecurity vendors Imperva and F5.
DDoS attacks remain a preferred weapon by cybercriminals due to their disruptive potential, say the companies tracking such threats. These assaults can cause severe interruptions and service failures when attackers flood servers, networks, and applications with excessive traffic.
According to Imperva’s report, the largest application layer DDoS attack occurred in February 2024, which reached an unprecedented 4.7 million Requests Per Second (RPS).
Imperva said it also mitigated 111 per cent more DDoS attacks in the first half of 2024, compared to the same period in 2023. In addition, the average DNS (domain name server) amplification attack bandwidth surged by 483 per cent in the second half of 2023.
In the Asia-Pacific region, Australia (5.2 per cent), Singapore (2.9 per cent), and Japan (2.5 per cent) were among the top targeted countries for application layer DDoS attacks.
Globally, the United States was the primary target for DDoS attacks, receiving nearly half of all application-layer attacks in the first half of 2024. Brazil, Britain and Australia also experienced significant DDoS attacks.
By industry, cyber attackers focused their DDoS attacks on high-value targets. The financial sector bore the brunt of these attacks, experiencing the highest volume but also the most powerful attacks, reaching 118 million RPS in the first half of 2024, with the business and IT sectors taking second and third place respectively.
The telecom and Internet service provider industry saw the highest increase in attacks, reaching 548 per cent year-over-year. The healthcare and gaming sectors also faced significant threats, with increases of 236 per cent and 208 per cent, respectively.
“We expect the number and intensity of DDoS attacks to continue climbing, largely due to AI lowering the attack barrier,” said Daniel Toh, chief solutions architect for Asia-Pacific at Imperva.
“AI can automate the creation and deployment of sophisticated DDoS attacks, enabling even novice hackers to launch powerful assaults,” he noted. “In the foreseeable future, we anticipate more DDoS attacks powered by AI-enhanced botnets, including potential new variants of Mirai,” he added.
Companies need to have active “always-on” or “on-demand” DDoS protection in place at the very least, he added.
To adhere to best practices, Imperva advised businesses to educate staff members and users about cybersecurity issues and keep lines of communication open between the networking and security departments. Application code, it noted, has to be developed securely from the beginning.
It is no surprise that F5’s report had similar findings to what Imperva found. The cybersecurity company reported that attacks more than doubled in 2023, compared to 2024, growing almost 112 per cent.
According to F5, the software and computer services industry was the most attacked sector, comprising 36 per cent of all incidents.
While the attacks on the software and computer services industry doubled, the telecommunications and banking industries saw explosive growth with each seeing an estimated fivefold increase in incidents.
F5 noted that attacks were distributed globally, with notable spikes in the US, France, and Britain, often correlating with geopolitical events. The largest attack recorded by F5 in 2023 occurred in March, peaking at 1Tbps and targeting an organisation in the support services sector, which also suffered the most attacks overall at 187 incidents.
In terms of type of attacks, DNS Query attacks were responsible for 26 per cent or the majority of DDoS incidents in 2023, while industries like banking, financial services and insurance faced more TCP SYN floods. The consistently high volume of attacks, often exceeding 100Gbps, emphasises the growing threat.
