Cybersecurity and application delivery solutions provider, Radware, has released its First Half 2023 Global Threat Analysis Report, shedding light on the evolving threat landscape. The report draws insights from Radware's Cloud and Managed Services, Global Deception Network, and threat intelligence research team, as well as data from the public messaging platform Telegram, often used by cybercriminals.
The report emphasized that the landscape for cyber threats in 2023 has seen a significant shift, with Denial-of-Service (DDoS) attacks showcasing new patterns. Radware urged organizations to proactively adapt to these changing threats, noting that attackers are now focusing on online applications, APIs, and essential infrastructure.
The report's findings highlighted key shifts in DDoS attack patterns during the first half of 2023:
Changing Tactics: Malicious web application transactions surged by 500% compared to H1 2022, while the total number of DDoS events decreased by 33%. This points toward a transition from network-layer to application-layer attacks.
Surging Vectors: DNS query floods saw a significant surge, with attacks featuring a DNS Flood vector almost doubling in Q2 2023 compared to 2021 and early 2022.
Bigger Attacks: Attacks exceeding 100Gbps increased from 3.75x in 2022 to 10.5x in 2023, surpassing growth in smaller attacks.
Increasing Complexity: Larger attacks had more dissimilar attack vectors, with attacks above 1Gbps averaging over two vectors and those above 100Gbps averaging over eight.
Hacktivist Offensives: Hacktivist groups like NoName057(16) and Anonymous Sudan were highly active on Telegram, with significant numbers of claimed DDoS attacks.
The report also highlighted hacktivist influences in layer 7 attacks, where hacktivists played a role in increasing the volume and intensity of attacks. Geographical targets, website types, and industries under attack were outlined, showcasing the varying trends across regions.
The surge in web application activity was another significant finding, with a staggering 500% growth in malicious web application transactions compared to H1 2022. Predictable resource location attacks, SQL attacks, and code injection attacks were noted as major security violations. Retail, carriers, and SAAS providers were the most attacked industries.
Radware's report reinforces the need for organizations to stay ahead of evolving cyber threats by adapting their cybersecurity strategies to address the changing attack patterns and vectors seen in the current landscape. ###