Government websites are the primary target for hacktivist DDoS attacks

This year, hacktivists launched between 1,000 to 2,000 distributed denial-of-service (DDoS) attacks per month, according to Radware’s newly released report for the first half of 2024.

Hacktivist DDoS attacks are a type of cyber warfare carried out by politically or socially motivated hackers who are driven by ideology rather than financial gain. These attacks aim to overwhelm network traffic, disrupting or disabling the targeted network or website.

According to Radware, a leading cybersecurity provider, government websites have been the primary targets of such attacks since January 2023, with Ukraine, the US, Israel, and India being the most vulnerable countries.

The targeted domains span a wide range of critical services, including parliamentary sites, tax departments, public transportation, and central banks.

The analysis was based on intelligence gathered from Radware’s cloud and managed services, along with insights from their threat intelligence research team. Additional data was sourced from Telegram, a public messaging platform frequently used by cybercriminals.

Aside from network-layer and hacktivist DDoS attacks, the report also analysed findings for web DDoS, application-layer DDoS, web application and application programming interface (API) attacks, and bad bot activity.

To subscribe to the GovInsider bulletin click here. 

Asia-Pacific most targeted

Globally, the Asia-Pacific (APAC) region experienced the highest growth (302 per cent) when it comes to the average network-layer DDoS volume blocked per organisation, compared to last year.

As the name suggests, network-layer DDoS attacks target the network infrastructure, like servers and routers, and the internet link to overwhelming bandwidth capacity and crash the service.

The region was followed by EMEA (Europe, the Middle East, and Africa) with a 293 per cent growth, followed by the Americas (116 per cent).

The number of monthly application-layer DDoS attacks in the APAC region also increased by 81 per cent, and the volume per organisation increasing by 86 per cent.

Application-layer DDoS attacks target the application itself, like web servers and application firewalls.

The top industry targets for this type of attack were finance (44 per cent), healthcare (17 per cent), technology (10 per cent), followed by the government at 7.2 per cent.

Another type of attack that the APAC region is susceptible to is bad bot activity, as it experienced 20 per cent of bad bot transactions which is second to North America at 49.3 per cent).

Bad bots are malicious programmes that run automated tasks, including committing criminal activities such as fraud and theft.

In May, Radware launched an artificial intelligence (AI)-powered good bot manager to fight bad bot activity without disrupting the user experience.

To subscribe to the GovInsider bulletin click here. 

Risk factors

Radware’s director of threat intelligence, Pascal Geenens, highlighted a surge in high-intensity and volumetric attacks experienced during the first half of 2024, with a growing emphasis on the application infrastructure.

He underlined some key factors that will continue to worsen the cyberthreat landscape for the next half of the year.

These include worldwide geopolitical tensions, including conflicts in Europe and the Middle East; international events, including country elections and sporting or entertainment events.

“The gravity of the upcoming election in the United States and concerns over decelerating financial markets are also set to fuel cyber disruption,” he added.

Another important risk factor is AI-powered threats. “In the back half of the year, we expect attacks to continue to climb, as more threat actors adopt AI technology democratised through increasingly powerful and publicly available large language models,” he explained.

You can download Radware’s complete 2024 Global Threat Analysis Report by clicking the button below: