Cybersecurity company Imperva has released its 2024 DDoS Threat Landscape report. The report looks at DDoS attack activity for the first half of the year and reveals that the volume and sophistication of DDoS attacks is on the rise.
According to the report, a major factor behind the increase is automation and easy access to DDoS tools, which has made it possible for individuals with limited technical expertise to launch substantial attacks. This democratisation has expanded the pool of potential attackers. The report notes that Imperva mitigated 111% more DDoS attacks than in the same period in 2023 and that the largest application DDoS attack happened in February 2024 – an attack that reached 4.7 million requests per second (RPS). There was also a 483% increase in the bandwidth size of DNS Amplification attacks in H2 2023.
Certain industries have been particularly targeted, reflecting their critical roles and the high stakes involved in disrupting their services. Financial Services was the most targeted, accounting for 23.8% of all Layer 7 DDoS attacks. Not only is the financial sector the number one target for DDoS attackers, but it is also the target of the most powerful DDoS attacks in terms of RPS. Attacks on the financial services sector reached a combined RPS of 118 Million in H1 24.
Telecommunications and ISPs experienced a 548% increase in attacks, highlighting their crucial role in maintaining internet connectivity. Attacks on healthcare organisations increased by 236%, underscoring the potential impact on critical services and patient data. The gaming industry saw a 208% rise in attacks, affecting both online gaming experiences and financial transactions. DDoS attacks targeting industries associated with major sporting events have also surged by 89%, demonstrating how high-profile events attract cybercriminals seeking to disrupt operations and gain publicity.
Political tensions also significantly impact the prevalence of DDoS attacks. State actors and political activists often use these attacks to make statements or signal intentions. The Middle East unrest led to a 118% increase in attacks on Israel, while the Russia-Ukraine conflict resulted in a 519% surge in attacks on Ukraine, and Cybersecurity competition saw an 84% rise in attacks on China.
The report offers several key takeaways to help organisations prepare for the evolving threat landscape:
-
Election security: With the potential for politically motivated DDoS attacks, increased vigilance and robust cyber defences are essential during election periods;
-
Mirai Botnet variants: Continuous monitoring and updates are crucial to mitigate threats from new variants of the Mirai botnet;
-
AI and cybersecurity: As AI lowers the barrier for cyber attackers, investing in AI-driven defence mechanisms becomes increasingly important; and
-
Evolving threat groups: Staying informed about the activities of major hacking groups helps anticipate and prepare for new threats.
You can read the full report here.
