Cybersecurity firm Radware has released its comprehensive First Half 2023 Global Threat Analysis Report, shedding light on the evolving tactics employed by malicious actors in the digital realm.
Leveraging data from their Cloud and Managed Services, Global Deception Network, and dedicated threat intelligence research team, the report provides a detailed overview of the global threat landscape.
One notable trend highlighted in the report is the changing nature of Distributed Denial-of-Service (DDoS) attacks. The analysis indicates a significant shift in attack patterns, with attackers increasingly targeting web applications and APIs (Application Programming Interfaces) rather than relying solely on traditional network-layer attacks.
This transition from network-layer to application-layer attacks is evident from the 500 percent surge in malicious web application transactions compared to the first half of 2022. Interestingly, the total number of DDoS events saw a 33 percent decrease during the same period.
Furthermore, the report underscores the increasing scale and complexity of DDoS attacks. Notably, the number of large attacks (exceeding 100 Gbps) has risen sharply, reflecting a shift towards more impactful assaults. These larger attacks have seen a growth rate of 10.5 times in 2023, outpacing the expansion of smaller and mid-sized attacks.
The threat landscape is also marked by a surge in DNS query floods, with the proportion of attacks employing DNS Flood vectors nearly doubling compared to previous years. This highlights the diversification of attack vectors utilized by cybercriminals.
Hacktivist groups have also made their presence felt in the cyber arena, contributing significantly to the increase in layer 7 attacks. The report identifies various hacktivist collectives that have engaged in multiple DDoS campaigns during the first half of 2023. These campaigns often carry political and religious motivations and target a range of sectors. India, the United States, and Israel were the top targets for these hacktivist campaigns, with governmental and economic websites taking the brunt of the attacks.
Geographically, the report reveals that the EMEA region (Europe, Middle East, and Africa) encountered the highest volume of DDoS attacks, accounting for 66 percent of blocked attacks and 48 percent of attack volume. The Americas and APAC regions followed, demonstrating similar threat levels despite differences in attack volumes.
In terms of industries, research and education, service providers, and technology sectors faced the most DDoS attack volume. However, the distribution of attacks varied across different regions. Notably, the report underscores that while DDoS attacks continue to evolve, web application attacks have seen exponential growth, with malicious web application transactions increasing by a staggering 500 percent compared to the first half of 2022. Retail emerged as the most targeted sector for these web application attacks.
As cyber threats continue to evolve in complexity and scope, Radware’s report provides critical insights into the tactics employed by malicious actors and highlights the need for organizations to adapt and strengthen their cybersecurity strategies to safeguard their digital assets.