Improvements in the automation and sophistication of distributed denial of service (DDoS) attacks are making hackers bolder, leading to the number of such incidents rising significantly, new research has claimed.
A report from Cloudflare found in the first half of 2024, its tools mitigated 8.5 million DDoS attacks against its clients. Of that number, 4.5 million happened in Q1, and 4 million in Q2. Overall, the number of DDoS attacks in Q2 dropped by 11% quarter-on-quarter, but rose 20% year-on-year, the company said.
The final number for 2024 is probably going to be even bigger, since Cloudflare already mitigated 60% of last year’s figure (which was 14 million DDoS attacks).
Access to sophisticated tools
Breaking the figures down further, Cloudflare, which operates a 280 terabit per second network, located across more than 320 cities worldwide, and serving almost a fifth (19%) of all websites, said it had already observed 2.2 million network-layer DDoS attacks, and 1.8 million HTTP DDoS attacks.
This number of 1.8 million HTTP DDoS attacks has been normalized to compensate for the “explosion in sophisticated and randomized HTTP DDoS attacks,” they said. Cloudflare’s automated mitigation systems create real-time fingerprints for DDoS attacks, and due to the randomized nature of the attacks, the company observed “many fingerprints” being generated for single attacks - probably around 19 million.
One of the catalysts for these randomized, sophisticated attacks was easier access to advanced tools, previously only reserved for state-sponsored threat actors, the report claims. “Coinciding with the rise of generative AI and autopilot systems that can help actors write better code faster, these capabilities have made their way to the common cyber criminal.”
Cybersecurity researchers from Imperva seem to agree with this assessment. In their report, published at roughly the same time, it was said that the rise in the volume of DDoS attacks was “driven by the easier availability of DDoS tools that allow even individuals with limited technical expertise to launch significant attacks. The shift towards automation in these tools has further lowered the barrier to entry, enabling a broader range of cybercriminals to participate in DDoS activities.”
In the second quarter of 2024, China was ranked the most attacked country in the world, with firms in the IT sector bearing the brunt of the attacks. Argentina was the number one source of DDoS attacks, followed by Indonesia, and the Netherlands.
More from TechRadar Pro
- DDoS attacks saw a huge surge in the first part of 2024, with one particular country badly hit
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now