Web DDoS Attacks in H1 2024: A Surge in Scale and Sophistication

The first half of 2024 has seen a dramatic surge in the frequency and intensity of Web Distributed Denial of Service (DDoS) attacks. According to Radware’s Cloud Protection Services, the number of attacks mitigated in Q1 2024 rose by an astonishing 137% compared to the previous quarter, Q4 2023. This growth continued in Q2 2024, with an additional 85% increase in the number of Web DDoS attacks. This exponential rise highlights the rapidly evolving threat landscape that organisations must now navigate.

The Rise of More Intense Web DDoS Attacks

The size and scale of Web DDoS attacks have also grown significantly in 2024. While attacks under 50,000 requests per second (RPS) made up 74% of all Web DDoS attacks in 2023, this figure dropped to 55% in 2024. Conversely, the number of larger and more impactful attacks has increased, with nearly 3% of all attacks in H1 2024 surpassing 1 million RPS. Moreover, almost 17% of attacks were in the 100,000–250,000 RPS range, reflecting a shift towards more intense Web DDoS assaults.

Trends Behind the Surge in Web DDoS Attacks

Several key factors have contributed to the rapid increase in Web DDoS attacks:

1. Political Tensions and Hacktivism in Europe
   A significant portion of Web DDoS activity, particularly in Europe, can be traced to politically motivated hacktivists. Since the onset of the conflict in Ukraine, hacktivist groups have grown more sophisticated, leveraging new tools and techniques to launch large-scale L7 (application layer) attacks on online services. These attacks target web applications and APIs, making them harder to mitigate and often more destructive.
2. DDoS-for-Hire Services Gaining Momentum
   The rise of DDoS-for-hire services has also fueled the increase in Web DDoS attacks. These services, which allow individuals or groups to rent botnets and launch large-scale attacks, have expanded their offerings in 2023 and 2024. Hacktivists have begun renting out their botnets to third parties for financial gain, moving away from volunteer-based attacks. These services are now focusing more on L7 attack vectors, including web applications and APIs, which are becoming the primary targets for cybercriminals.
3. Exploitation of New Vulnerabilities
   In late 2023 and early 2024, attackers quickly adopted newly disclosed vulnerabilities in the HTTP/2 protocol. The HTTP/2 Rapid Reset vulnerability, revealed in October 2023, and the HTTP/2 Continuation flood attack vector, disclosed in April 2024, have become prominent methods for launching DDoS attacks. These vectors allow attackers to overwhelm web servers with high request rates, making it difficult for traditional mitigation strategies to keep up.
4. AI-Driven Attack Sophistication
   As attack tools become more advanced, artificial intelligence (AI) is playing an increasingly important role in Web DDoS attacks. Some DDoS-for-hire services now include AI-powered features like CAPTCHA bypass and CAPTCHA solving, allowing bots to evade common defense mechanisms. This sophistication enables attackers to maintain their assault on web applications for longer periods, increasing the likelihood of disrupting services.

The Implications of Larger Web DDoS Attacks

The shift towards larger, more intense Web DDoS attacks presents significant challenges for organisations. Attacks exceeding 1 million RPS can quickly overwhelm even well-prepared infrastructure, causing major disruptions to online services. As the size and sophistication of these attacks grow, businesses must adapt their defenses to keep pace with evolving threats.

The Importance of Proactive DDoS Mitigation

In the face of these escalating threats, having a robust DDoS protection strategy is more critical than ever. Radware’s Cloud Protection Services have been instrumental in mitigating these large-scale attacks, preventing downtime, and ensuring that legitimate users can still access critical services during an attack. As Web DDoS attacks become more frequent and severe, real-time traffic analysis, AI-driven defense solutions, and scalable mitigation techniques are essential for organisations to maintain resilience.

Contact White Arrow Technology if you are interested in knowing more about how to protect your organisation from Web DDoS attacks and other emerging cyber threats.