1. Forum
  2. FidoNET
  3. CONSPRCY

  • Web DDoS attacks see majo

    From Mike Powell@1:2320/105 to All on Tuesday, March 04, 2025 10:06:00
    Web DDoS attacks see major surge as AI allows more powerful attacks

    Date:
    Tue, 04 Mar 2025 12:21:09 +0000

    Description:
    Layer 7 Web DDoS attacks increased five-fold in the span of a year as hacktivists use AI to lower the barrier to entry.

    FULL STORY

    There was a noticeable increase in Web Distributed Denial of Service (DDoS) attacks in 2024, largely thanks to Artificial Intelligence (AI) lowering the barrier to entry, experts have claimed.

    A report from cybersecurity experts Radware found Layer 7 Web DDoS attacks skyrocketed by 550% in 2024 compared to the previous year.

    Layer 7 DDoS attacks are also known as application-layer DDoS attacks, and
    they target the application layer of the OSI model. Instead of overwhelming network bandwidth like traditional volumetric attacks, these attacks focus on exhausting server resources by mimicking legitimate user requests. They
    exploit vulnerabilities in web applications, APIs, and services by flooding them with HTTP requests, login attempts, or database queries, making it difficult to distinguish real users from malicious traffic.

    More powerful, more disruptive

    Radware says that the increase can be attributed to hacktivist groups leveraging AI-enhanced tools to mount more destructive attacks, easier.

    Multiple catalysts drove the threat revolution witnessed in 2024, including geopolitical conflicts, bigger and more complex threat surfaces, and more sophisticated and persistent threats, said Pascal Geenens, director of threat intelligence at Radware.

    Add to that the impact of AI, which is lowering barriers to entry,
    multiplying the number of adversaries and enabling even novice actors to successfully launch malicious campaigns, and what you have is a threat landscape that looks very daunting.

    The EMEA region bore the brunt of Web DDoS attacks, the report states,
    claiming that it accounted for 78% of global incidents. For web application
    and API attacks, North America was the primary target with 66% of such incidents.

    At the same time, financial institutions and transportation services suffered an almost 400% increase in DDoS attack volume, making them among the hardest-hit industries. Hacktivist-driven attacks also grew by 20% globally, with government institutions emerging as the top targets.

    Beyond Web DDoS incidents, network-layer DDoS attacks have become more
    powerful and persistent, Radware explained. The average mitigated attack
    volume rose by 120% in 2024, while the average duration of attacks increased
    by 37%. The telecommunications sector absorbed the heaviest impact, facing
    43% of global network DDoS attack volume, followed closely by finance at 30%. The financial sector was also the most targeted industry for Layer 7 DNS attacks, accounting for 44% of global activity.

    The escalations in the threat landscape have significant implications for
    every sector from finance and telecommunications to government and e-commerce and beyond, Geenens added.

    Organizations are operating in a dynamic environment that demands equally dynamic defense strategies. While bad actors dont have to do their jobs perfectly to have a major impact, defenders do.

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/web-ddos-attacks-see-major-surge-as-ai- allows-more-powerful-attacks

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)