HTTP DDoS Attacks’ 15% Increase


Despite having 35% decrease in year on year, HTTP DDoS attacks witnessed 15% increase in the last quarter which targets HTTP Internet properties such as websites and API gateways.

Cloudflare’s systems automatically detected and mitigated a massive DDoS attack that reached a peak of 1.4 terabits per second (Tbps) which has targeted US based internet service provider. ­

During the quarter, several industries and countries have been consistently targeted and have experienced significant impacts from the ongoing attacks.

These attacks are highly randomized and sophisticated, designed to bypass mitigation systems. The threat actors responsible have skilfully replicated browser behaviour and introduced significant randomizations in properties like user-agents and JA3 fingerprints.

These operations have specifically targeted well-known companies, including a prominent VoIP provider, a leading semiconductor company, and a major payment and credit card provider, among others.

The United States ranked as the primary source of HTTP DDoS attacks in terms of attack traffic volume, followed by China in second place and Germany in third place.

Approximately three out of every thousand requests observed were associated with HTTP DDoS attacks originating from the US.

Which industries are under attack ?

During the quarter, industries such as management consulting firms, non-profit organizations, cryptocurrency, and gaming gambling websites have been consistently targeted and have experienced significant impacts from the ongoing attacks.

Among the websites protected by Cloudflare, approximately six out of every ten thousand HTTP requests directed towards cryptocurrency websites were identified as part of these attacks.

Gaming and gambling websites ranked second in terms of targeted attacks, followed closely by marketing and advertising websites in third place.

During the last quarter, non-profit organizations faced the highest number of attacks, with HTTP DDoS attacks accounting for 12% of the traffic directed towards them.

On a daily basis, an average of 67.7 million cyber-attacks targeted non-profit organizations, including DDoS attacks directed at LGBTQIA+ websites.

Countries and regions under attack: Examining DDoS attack targets:

In terms of total attack traffic volume, Israel experienced a significant increase in attacks last quarter, placing it as the most targeted country.

However, this quarter saw a decrease of 33% in attacks on Israeli websites, resulting in Israel ranking fourth in terms of targeted attacks. The United States has regained its position as the most attacked country, with Canada and Singapore following closely behind in second and third place respectively.