The trend, spotted in one major DDoS mitigation ecosystem, is the cyber threat to watch this year
With the latest quarterly report on the Distributed Denial of Service (DDoS) attack landscape for Q1 2023 released by Cloudflare, five key highlights have been publicized.
First, the firm has documented the world’s largest reported DDoS attack ever. Over a weekend in early February, Cloudflare detected and mitigated dozens of hyper-volumetric DDoS attacks. The majority of attacks peaked in the ballpark of 50–70m requests per second (rps) with the largest exceeding 71m rps. This is the largest reported HTTP DDoS attack on record, more than 54% higher than the previous reported record of 46m rps in June 2022.
Next, the report indicates a steady increase in ransom DDoS attack frequency. As opposed to ransomware attacks, ransom DDoS attacks can be much easier for attackers to execute as they do not involve tricking the victim into opening an email or clicking a link, nor do they require a network intrusion or a foothold into the corporate assets. InQ1: 16% of surveyed customers reported such attacks: the figure remains steady compared to the previous quarter, but represents a 60% increase year-on-year.
The third highlight of the report is that for Q1 2023, Israel took over the USA as the most targeted country by HTTP DDoS attack traffic.
The fourth highlight is that globally, internet firms saw the largest volume of HTTP DDoS attacks, followed by firms in the marketing and advertising industry. The gaming/gambling industry, however, was the most targeted regionally in Asia, Europe, and the Middle East.
Finally, in terms of countries targeted by network-layer DDoS attacks in Q1, the top three were Finland, China and Singapore. In Q1, Finland had taken over China with the highest percentage of attack traffic — with nearly 83% of network-layer DDoS attack traffic to their Internet properties behind Cloudflare. In the Cloudflare data analyzed, Finland was also the largest source of HTTP DDoS attacks in terms of the percentage of attack traffic out of all traffic per country.