Web DDoS Attack Activity

Insights from Radware H1 2024 Global Threat Analysis Report

The first half of 2024 has marked a dramatic escalation in the frequency and intensity of web Distributed Denial of Service (DDoS) attacks, as detailed in the recently released “H1 2024 Global Threat Analysis Report” by Radware. The report underscores the evolving threat landscape, with attackers deploying increasingly sophisticated techniques and targeting critical global events.

A Surge in Attack Frequency and Intensity

The report highlights a staggering 265% increase in Web DDoS attacks in the first half of 2024 compared to the latter half of 2023. The most concerning aspect is the continuous escalation quarter over quarter: Q1 2024 witnessed a 137% rise in attacks over Q4 2023, followed by an 85% increase in Q2 2024. These figures reveal not only the growing prevalence of these attacks but also their intensifying impact on global digital infrastructure.

One particularly notable campaign extended over six days, with attackers orchestrating a series of ten waves. Each wave lasted between four and 20 hours, cumulatively accounting for over 100 hours of attack time. The scale of this campaign was unprecedented, with an average rate of 4.5 million requests per second (RPS) and a peak reaching an astounding 14.7 million RPS.

Evolving Attack Vectors: A New Era of Web DDoS

The increase in attack volume was largely driven by new and evolving vectors such as HTTP/2 Rapid Reset and Continuation floods. These techniques enabled attackers to exploit vulnerabilities in web protocols, rendering traditional defense mechanisms less effective. The use of these novel vectors reflects a growing sophistication among threat actors, who are continuously refining their methods to maximize disruption and evade detection.

The HTTP/2 Rapid Reset flood, for instance, abuses HTTP/2 stream cancellation to overwhelm target servers: the client opens streams and immediately cancels them with a rapid sequence of reset (RST_STREAM) frames, so the server keeps starting work on requests that are abandoned at almost no cost to the sender. Similarly, Continuation floods exploit the CONTINUATION frames that HTTP/2 uses to carry header blocks too large for a single frame, allowing attackers to sustain high levels of traffic and exhaust server resources over extended periods. These tactics represent a significant evolution in DDoS strategies, requiring organizations to adapt their defenses accordingly.
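As an added illustration (not taken from the Radware report or from this page's author), the sketch below shows per-connection detection logic for the two frame patterns described above: streams cancelled with RST_STREAM almost immediately after being opened, and header blocks extended by long runs of CONTINUATION frames that never set END_HEADERS. The frame-log tuple layout, the sample data and all thresholds are assumptions made for the example.

```python
from collections import defaultdict

# Constructed sample, not real traffic: (conn_id, time_s, frame_type, stream_id, end_headers)
# for client-sent frames. The tuple layout is hypothetical.
SAMPLE_FRAMES = (
    # conn "a": normal browsing, two requests, no cancels
    [("a", 0.00, "HEADERS", 1, True), ("a", 0.40, "HEADERS", 3, True)]
    # conn "b": every stream is opened and cancelled 1 ms later (Rapid Reset pattern)
    + [f for i in range(200) for f in (
        ("b", i * 0.002, "HEADERS", 2 * i + 1, True),
        ("b", i * 0.002 + 0.001, "RST_STREAM", 2 * i + 1, False))]
    # conn "c": one header block that never ends (CONTINUATION flood pattern)
    + [("c", 0.0, "HEADERS", 1, False)]
    + [("c", 0.001 * i, "CONTINUATION", 1, False) for i in range(1, 500)]
)

# Assumed thresholds; tune per deployment.
RESET_WINDOW_S = 0.05      # a cancel this soon after HEADERS counts as a "fast reset"
MAX_FAST_RESETS = 100      # fast resets tolerated per connection
MAX_CONTINUATIONS = 32     # CONTINUATION frames tolerated per header block

def classify_connections(frames):
    """Return {conn_id: set of findings} for connections exceeding the thresholds."""
    opened = defaultdict(dict)      # conn -> {stream_id: time HEADERS was seen}
    fast_resets = defaultdict(int)  # conn -> streams cancelled right after opening
    cont_run = defaultdict(int)     # conn -> CONTINUATION frames in current header block
    findings = defaultdict(set)
    for conn, t, ftype, stream, end_headers in sorted(frames, key=lambda f: (f[0], f[1])):
        if ftype == "HEADERS":
            opened[conn][stream] = t
            cont_run[conn] = 0
        elif ftype == "RST_STREAM":
            start = opened[conn].pop(stream, None)
            if start is not None and t - start <= RESET_WINDOW_S:
                fast_resets[conn] += 1
                if fast_resets[conn] > MAX_FAST_RESETS:
                    findings[conn].add("rapid_reset")
        elif ftype == "CONTINUATION":
            # END_HEADERS closes the block; otherwise the run keeps growing.
            cont_run[conn] = 0 if end_headers else cont_run[conn] + 1
            if cont_run[conn] > MAX_CONTINUATIONS:
                findings[conn].add("continuation_flood")
    return dict(findings)

if __name__ == "__main__":
    for conn, found in sorted(classify_connections(SAMPLE_FRAMES).items()):
        print(conn, sorted(found))
```

Counting only resets that closely follow a stream's opening keeps ordinary client cancellations, such as a user navigating away, from tripping the rule.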

Targeting High-Profile Events and Regions

Geopolitical tensions and major international events have also played a crucial role in shaping the DDoS landscape in H1 2024. The majority of Web DDoS attacks targeted organizations in the Europe, Middle East, and Africa (EMEA) region. This trend was influenced by several high-profile events, including the EU Parliament elections, Euro 2024 in Germany, and the upcoming 2024 Olympic Games in Paris. These events presented opportunities for threat actors to disrupt services and sow chaos, particularly in politically sensitive environments.

The concentration of attacks in the EMEA region highlights the increasing interconnection between global events and cyber threats. As organizations prepare for large-scale events or navigate geopolitical conflicts, they must also bolster their cyber defenses against the inevitable surge in DDoS activity.

Preparing for the Future

The findings from Radware’s report serve as a stark reminder of the evolving nature of web DDoS threats. As attackers continue to refine their methods and exploit new vulnerabilities, organizations must remain vigilant and proactive in their defense strategies. The significant increase in both the frequency and intensity of attacks in H1 2024 suggests that this trend is likely to continue, with future campaigns potentially targeting even more critical infrastructure and high-profile events.

In this rapidly changing threat landscape, the ability to adapt and respond quickly is more critical than ever. Organizations must invest in advanced DDoS mitigation solutions, regularly update their threat intelligence, and engage in continuous monitoring to stay ahead of these increasingly sophisticated attacks. Only by doing so can they ensure the resilience and continuity of their digital operations in the face of escalating cyber threats.

Contact White Arrow Technology if you are interested in learning more about how to protect your organization from the rising tide of network-layer DDoS attacks. Our experts can provide tailored solutions to ensure your infrastructure remains secure and resilient in the face of evolving cyber threats.
