According to a new report from Radware, web-based Distributed Denial of Service (DDoS) attacks soared by a whopping 265 percent globally in the first half of 2024. Ensuring your home and work lives are protected with cybersecurity is a growing priority in our digitalised modern world.
Web-based Distributed Denial of Service attacks are malicious attempts to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. Think of it as flooding a website or platform as to weaken and then manipulate its infrastructure.
Radware’s H1 2024 Global Threat Analysis Report had some major takeaways. It was found that web DDoS attacks have increased not only in frequency but also in severity. Europe, the Middle East, and Africa were the hardest hit, with over 90 percent of global web DDoS attacks targeting the region. North America was the target for 66 percent of web application and API attacks. In the Asia-Pacific region, the average volume of network-layer DDoS attacks surged by over 300 percent.
Web application and API attacks exploit vulnerabilities in app programming interface (API) endpoints to gain unauthorised access, compromise data, disrupt services, or perform other malicious activities. Successful attacks can disrupt business operations or steal data, money, or credentials.
Financial institutions remain the main target, experiencing 44 percent of all network-layer DDoS attacks. The industry also faced a record-setting six-day assault that disrupted operations with sustained attack waves over 100 hours.
Pro-Russian hacktivists doubled their attacks on Ukraine compared to 2023. Telegram, a messaging platform often used by cybercriminals, has become a hotbed for coordinating these efforts.
AI is another key report focus. With the democratisation of AI technology, particularly large language models such as Chat GPT and Google’s Gemini, more threat actors are now leveraging these tools to enhance the scale and sophistication of their attacks.
Radware’s Director of Threat Intelligence, Pascal Geenens, warns that the situation is likely to worsen as 2024 progresses.
Major upcoming events, such as the U.S. elections and economic uncertainties, could exacerbate the frequency and intensity of cyberattacks. AI tools are now more accessible. Cybercriminals are expected to exploit these technologies further, posing new challenges for businesses worldwide.
As cyber threats evolve, businesses must bolster their defences to protect against increasingly complex and frequent attacks. Radware’s report shows the need for organisations to invest in advanced cybersecurity solutions that can adapt to the shifting threat landscape.
A recent report from Google Cloud Security further revealed a wave of cyber threats targeting cloud infrastructures.
The Threat Horizons report says that cybercriminals are becoming more sophisticated, and their attacks are increasing in frequency. The valuable data and services hosted in cloud environments make them attractive to attackers who seek to exploit vulnerabilities for financial gain or disruption.
The report outlines several alarming trends in cybersecurity. First, the report notes an increase in advanced persistent threats (APTs), which are prolonged and targeted cyber-attacks aimed at stealing sensitive information. APTs are often carried out by state-sponsored groups.
Hackers are focusing on supply chains, targeting third-party software and services to infiltrate broader networks. This method can have widespread consequences, affecting numerous organisations at once.
Zero-day exploit attacks take advantage of unknown software vulnerabilities, leaving systems exposed until a patch is developed. The rise in zero-day exploits highlights the need for rapid detection and response.
Both intentional and accidental actions by employees or contractors can pose significant risks. Ensuring robust internal security measures and continuous monitoring is crucial. Managing insider threats is a first-stop way for businesses to fight cloud threats.
Finally, the report focuses on ransomware attacks, which involve locking an organisation’s data and demanding payment for its release. It remains a major threat across cyber platforms, particularly in cloud environments.
What can be done to target cloud threats? The report calls for proactive security measures and strengthened preparation. The cloud should not be considered immune to cyber-attacks.
Investing in advanced threat detection and response tools can help identify and mitigate threats in real-time. Technologies like AI and machine learning can enhance these efforts.
Security should cover all aspects, including identity management, data protection, and network security. This ensures no potential weak spots are left unaddressed. Vet third-party vendors and monitoring their security practices are essential. Clear agreements on security standards should be in place.
Be prepared, and don’t think that your business won’t be subject to a cloud cyber-attack. A solid incident response plan can significantly reduce the impact of a security breach. Regular drills and updates to these plans are recommended.
Awareness is a key defence against many types of cyber-attacks. Regular training on cybersecurity best practices can help prevent insider threats and reduce human error.
Cybersecurity is a shared responsibility. As threats continue to evolve, it is crucial for everyone—from large organisations to individual users—to stay informed and vigilant. Protect your digital environment and ensure a safer, more resilient future in the cloud with these tips! It’s better to be safe than sorry.