In the relentless evolution of cyber threats, Distributed Denial of Service (DDoS) attacks have continued to be a disruptive force, leaving organisations, industries, and nation-states vulnerable to unprecedented challenges. As we reflect on the tumultuous time the past few years have been, the landscape of cyber warfare becomes clearer, revealing alarming trends and the urgent need for resilient cybersecurity measures.
The surge of application layer DDoS attacks
In a staggering revelation in a recent global DDoS report by Imperva, application layer DDoS attacks surged by 82% compared to the previous year, with the financial services sector witnessing a harrowing 121% year-on-year growth. The largest application layer DDoS attack mitigated by Imperva in 2022 measured a formidable 3.9 million requests per second (Rps), underscoring the scale of the threat faced by organizations.
Repeat attacks emerged as a prevailing trend, with approximately 46% of targeted websites falling victim to DDoS assaults more than once. Layer 3 and 4 DDoS attacks reached a peak of 1373 gigabits per second (Gbps) in July, signalling a dramatic escalation in comparison to any other month throughout the year.
DDoS attacks as distraction tactics
DDoS attacks, often employed as a disruptive force in their own right, revealed a deeper, more insidious purpose. Cybercriminals strategically used DDoS assaults as a distraction, paving the way for subsequent, more complex malicious activities. The motive behind such attacks remains elusive, but a discernible trend emerges – cybercriminals leverage DDoS attacks as a smokescreen to divert attention from security teams.
This strategic ploy opens avenues for further application attacks, including the notorious Account Takeover (ATO) assaults and attacks on API endpoints, aiming to infiltrate sensitive data. A notable example showcases how a volumetric DDoS attack became a precursor to a series of devastating attacks, including ATO and bot attacks.
APIs: Vulnerabilities in the digital infrastructure
The transition to modern applications has witnessed a surge in the adoption of API endpoints, becoming integral to a company’s infrastructure. Approximately 40% of all web traffic to the Cloud WAFs is API-related, underscoring their critical role. As such, DDoS attacks specifically targeting APIs have become a menace, overwhelming both the server running the API and the API endpoints, and impacting performance significantly.
Hackers, adept at identifying weak points, exploit API servers lacking adequate security measures. Unprotected API servers become prime targets for DDoS attacks, where well-crafted API calls, unable to differentiate between valid and invalid requests, lead to wasteful consumption of server resources.
A call to action: Protecting against the unseen threats
And so when exploring current trends and observations in the cybersecurity landscape, the insights underscore the persistent popularity of DDoS attacks among cybercriminals and hacktivists, posing a genuine threat to organizations across diverse industries. The data reveals a dual nature of these attacks – not only do DDoS assaults disrupt and cause chaos, but they also serve as a precursor or culmination of more advanced attacks.
As organisations grapple with this evolving threat landscape, the importance of robust cybersecurity measures cannot be overstated. To ensure protection against DDoS attacks and their intricate strategies, here are key recommendations:
- Opt for ‘Always-On’ DDoS Protection for swift mitigation of short, single-vector attacks.
- Choose a DDoS solution with a short Service Level Agreement (SLA) to enhance response time.
- Consider implementing a Contingency DDoS solution to ensure continuous protection during primary provider outages.
- Recognize that a DDoS attack may precede or follow a series of other attacks; adopt a comprehensive security platform equipped to combat the latest threats.
In the face of these evolving challenges, organisations must remain vigilant, fortified by proactive cybersecurity measures that stand resilient against the multifaceted threats that lurk in the digital shadows.
For more data and insights, explore the comprehensive Global DDOS Threat Landscape Report for 2023 by Imperva. It’s a deeply illuminating read on the situation at hand and delves into how organisations can better prepare themselves against a growing threat to their systems and information.
See also: Nigeria ranked as Africa’s second most cyber-secure country after Senegal