Malicious web application attacks increase by 88%
Malicious web application attacks have soared 88%, according to a new report.
Cybersecurity and application delivery solutions provider Radware has released its 2021-2022 Global Threat Analysis Report.
The report’s findings highlight that 2021 will be the year of the attack on web applications. Between 2020 and 2021, the number of malicious web application requests increased by 88%, more than double the year-over-year growth rate of distributed denial-of-service (DDoS) attacks, which increased 37% compared to 2020.
The unprecedented rise in web application attacks, however, hasn’t stopped DDoS from making a name for itself in 2021. The report details how the past year has seen several record-breaking DDoS attacks and ransom denial-of-service (RDoS ) earn its place in the threat landscape. At the same time as large attacks are making headlines, the volume of micro-floods, often undetected attacks, has increased by almost 80% compared to 2020.
“Statistics tell a story about bad actors. They become smarter, more organized and more focused in pursuing their goals, whether for money, fame or a political cause,” says Pascal Geenens, director of the threat intelligence at Radware.
“In addition, cybercriminals are changing their attack patterns from using larger attack vectors to combining multiple vectors into campaigns that are more complex to mitigate,” he said.
“Ransomware operators and their affiliates, which now include DDoS actors for hire, are working with a whole new level of professionalism and discipline, something we’ve never seen before.”
Radware’s 2021-2022 Global Threat Analysis Report reviews the most significant cybersecurity events in 2021 and provides detailed information on DDoS attack and web application developments, as well as security trends. unsolicited network analysis.
Key takeaways from the report include:
Cloud-scale DDoS attacks are in the forecast
As more enterprises migrate critical resources and applications to the public cloud, attackers are adapting their tactics and techniques to match the scale of public cloud providers. While businesses shouldn’t be immediately alarmed by reports of massive attacks, they should be aware that DDoS attacks are part of their threat landscape, regardless of geography or industry. Companies that host services in the public cloud must be prepared for cloud-scale attacks.
Ransomware DoS (RDoS) gangs are taking over
In 2020, there was an increase in DDoS attacks against organizations that failed to pay a ransom demand on time. In 2021, RDoS confirmed its ubiquitous presence in the DDoS threat landscape with several campaigns. This included attacks targeting VoIP providers around the world, which raised concerns for critical infrastructure.
Ransomware operators turn to triple extortion
In 2021, more sophisticated and organized operators have improved their tactics, adding more extortion capabilities to their arsenal. To bring reluctant victims back to the negotiating table, they launched triple extortion campaigns by combining not only crypto-locking and data leaks, but also DDoS attacks. As a result, the thriving underground economy backed by ransomware operators is seeing new demand for DDoS services for hire.
Micro-floods make a great demonstration
While the number of large attack vectors (greater than 10 Gbps) decreased by 5% between 2020 and 2021, micro-floods (less than 1 Gbps) and application-level attacks increased by almost 80%. By cleverly combining large numbers of micro-floods over longer periods of time, attackers put organizations at greater risk of having to constantly increase infrastructure resources, such as bandwidth and network and server processing, up to until the service becomes prohibitive.
Other key findings from the Global Threat Analysis Report 2021-2022 include:
In 2021, the number of malicious DDoS events increased by 37% per customer compared to 2020. Europe, the Middle East and Africa (EMEA) and the Americas each accounted for 40% of the attack volume in 2021, while the Asia-Pacific region accounted for 20%.
Average DDoS attack volumes in 2021 per customer increased by 26% in 2021 compared to 2020.
The most attacked sectors in 2021 were gaming and retail, each accounting for 22% of attack volume on a normalized basis. These two industries were followed by government (13%), healthcare (12%), technology (9%) and finance (6%).
Web application attacks
The number of malicious web application requests increased by 88% between 2020 and 2021. Broken access control and injection attacks accounted for over 75% of web application attacks.
The most attacked sectors in 2021 were banking and finance, as well as SaaS providers, together accounting for more than 28% of web application attacks. Retail and high-tech industries ranked third and fourth, each with nearly 12% of web security events, followed by manufacturing (9%), government (6%), carriers ( 6%) and transportation (5%).