DDoS Attacks Surge 49% as Hackers Target Financial Sector
Content delivery and cybersecurity firm Cloudflare has reported a 49% quarter-on-quarter increase in Distributed Denial of Service (DDoS) attacks for Q3 2024, with banking and financial services bearing the brunt of cyber incidents.
The firm's Q3 2024 DDoS Threat Report, drawing from data across 330 cities, reveals attackers launched nearly 6 million DDoS attacks - coordinated efforts to overwhelm online services with traffic from multiple sources. This represents a 55% increase from the same period in 2023.
Attack sophistication reaches new heights
The quarter witnessed more than 200 hyper-volumetric incidents exceeding either one terabit per second (Tbps) or one billion packets per second (Bpps). The most significant attack, recorded on October 21, reached 4.2 Tbps - equivalent to processing a trillion digital information units per second.
- Cloudflare mitigated nearly 6 million DDoS attacks in Q3 2024
- A record-breaking 4.2 Tbps attack was mitigated on October 21, 2024
- Banking and financial services was the most targeted industry
- China was the most targeted country, while Indonesia was the largest source of attacks
- 72% of HTTP DDoS attacks were launched by known botnets
- SSDP amplification attacks increased by 4,000% compared to the previous quarter
- 80% of HTTP DDoS attack traffic impersonated the Google Chrome browser
Browser impersonation has emerged as a key attack vector, with 80% of HTTP DDoS traffic - attacks targeting web applications - mimicking Google Chrome browser versions 118 through 121. This technique enables malicious traffic to blend with legitimate user activity.
Geographic targeting shifts east
China has emerged as the primary target for DDoS attacks, followed by the United Arab Emirates and Hong Kong. Indonesia leads as the predominant source of attack traffic.
The report identifies a 4,000% surge in Simple Service Discovery Protocol (SSDP) amplification attacks compared to Q2. These attacks exploit vulnerabilities in Universal Plug and Play-enabled devices, including routers and IP cameras, to generate high-volume traffic.
Financial sector under siege
Banking and financial services faced the highest concentration of attacks during the quarter. Seventy-two per cent of HTTP DDoS attacks originated from identified botnets - networks of compromised computers controlled by attackers.
"The report underscores a complex threat environment that has prompted governments and businesses worldwide to prioritise cybersecurity investments and develop more robust defence strategies," says Cloudflare in its report.
******
Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
******
Cyber Magazine is a BizClik brand
