back Back

Rise in sophisticated attacks, state-level threats, and increased ransom DDoS Incidents

By Puja Sharma

July 16, 2024

  • AI
  • cloudflare
  • DDoS
Share

Data privacy

Cloudflare, Inc., the security, performance, and reliability company helping to build a better Internet, has announced its 2024 Q2 DDoS report. This report includes insights and trends about the DDoS threat landscape — as observed across the global Cloudflare network, which is one of the largest in the world. With a 280 terabit per second network located across over 230 cities worldwide, serving 19% of all websites, Cloudflare holds a unique vantage point, which enables the company to provide valuable insights and trends to the broader Internet community.

Threat actor sophistication fuels the continued increase in DDoS attacks

In the first half of 2024, Cloudflare mitigated 8.5 million DDoS attacks:  4.5 million in Q1 and 4 million in Q2. Overall, the number of DDoS attacks in Q2 decreased by 11% quarter-over-quarter, but increased 20% year-over-year.

For context, in the entire year of 2023, the company mitigated 14 million DDoS attacks, and half way through 2024, it has already mitigated 60% of last year’s figure.

Cloudflare successfully mitigated 57 petabytes of network-layer DDoS attack traffic, preventing it from reaching its customers’ origin servers. To put this in perspective, Netflix’s entire catalogue, which is estimated to be between 100 and 360 terabytes, could fit at least 162 times within the 57 petabytes of traffic Cloudflare mitigated.

When broken down further, those 4 million DDoS attacks were comprised of 2.2 million network-layer DDoS attacks and 1.8 million HTTP DDoS attacks. This number of 1.8 million HTTP DDoS attacks has been normalized to compensate for the explosion in sophisticated and randomized HTTP DDoS attacks. Cloudflare’s automated mitigation systems generate real-time fingerprints for DDoS attacks, and due to the randomized nature of these sophisticated attacks, it observed many fingerprints being generated for single attacks.

The actual number of fingerprints that was generated was closer to 19 million – over ten times larger than the normalized figure of 1.8 million. The millions of fingerprints that were generated to deal with the randomization stemmed from a few single rules. These rules did their job to stop attacks, but they inflated the numbers, so Cloudflare excluded them from the calculation.

This ten-fold difference underscores the dramatic change in the threat landscape. The tools and capabilities that allowed threat actors to carry out such randomized and sophisticated attacks were previously associated with capabilities reserved for state-level actors or state-sponsored actors. But, coinciding with the rise of generative AI and autopilot systems that can help actors write better code faster, these capabilities have made their way to the common cyber criminal.

Ransom DDoS attacks

In May 2024, the percentage of attacked Cloudflare customers that reported being threatened by a DDoS attack threat actor, or subjected to a Ransom DDoS attack reached 16% – the highest it’s been in the past 12 months. The quarter started relatively low, at 7% of customers reporting a threat or a ransom attack. That quickly jumped to 16% in May and slightly dipped in June to 14%.

Overall, ransom DDoS attacks have been increasing quarter over quarter throughout the past year. In 2024 Q2, the percentage was 12.3%, slightly higher than the previous quarter (10.2%) but similar to the percentage of the year before (also 12.0%).

Top attacked countries and regions

In the second quarter of 2024, China was ranked the most attacked country in the world. This ranking takes into consideration HTTP DDoS attacks, network-layer DDoS attacks, the total volume and the percentage of DDoS attack traffic out of the total traffic.

After China, Turkey came in second place, followed by Singapore, Hong Kong, Russia, Brazil, and Thailand.

Largest sources of DDoS attacks

Libya was ranked as the largest source of DDoS attacks in the second quarter of 2024. Indonesia followed closely in second place, followed by Netherlands in third.

Commenting on the report, Bashar Bashaireh, Managing Director & Head of Sales – Middle East and Türkiye at Cloudflare, “The majority of DDoS attacks are small and quick. However, even these attacks can disrupt online services that do not follow best practices for DDoS defense. Threat actor sophistication is increasing, perhaps due to the availability of Generative AI and developer copilots, resulting in attack code that delivers DDoS attacks that are harder to defend against. Even before the rise in attack sophistication, many organizations struggled to defend against these threats on their own. But they don’t need to. Cloudflare is here to help. We invest significant resources – so you don’t have to – to ensure our automated defenses, along with the entire portfolio of Cloudflare security products, can mitigate emerging threats.”

Key findings: 

  • Cloudflare recorded a 20% year-over-year increase in DDoS attacks.
  • 1 out of every 25 survey respondents said that DDoS attacks against them were carried out by state-level or state-sponsored threat actors.
  • Threat actor capabilities reached an all time high as our automated defenses generated 10 times more fingerprints to counter and mitigate the ultra-sophisticated DDoS attacks.

Previous Article

July 16, 2024

Visa & Temenos to offer money transfer solutions to European banks

Read More
Next Article

July 16, 2024

TISA goes live with Oracle’s core banking system, Flexcube 14.7

Read More






IBSi FinTech Journal

  • Most trusted FinTech journal since 1991
  • Digital monthly issue
  • 60+ pages of research, analysis, interviews, opinions, and rankings
  • Global coverage
Subscribe Now

Other Related News

November 08, 2024

The Weekly Wrap: all you need to know by Friday COB | November 8th

Read More

November 06, 2024

Political divide meets crypto boom as Trump’s digital currency faces a tech-savvy audience

Read More

November 04, 2024

Auquan raises $4.5m to automate deep work in finance with AI

Read More

Related Reports

Sales League Table Report 2024
Know More
Global Digital Banking Vendor & Landscape Report Q3 2024
Know More
NextGen WealthTech: The Trends To Shape The Future Q4 2023
Know More
IBSi Spectrum Report: Supply Chain Finance Platforms Q4 2023
Know More
Treasury & Capital Markets Systems Report Q1 2024
Know More