Analysis of 2022 data shows malicious DDoS attacks increased by 150%.Radware has released its 2022 Global Threat Analysis Report. The full year report draws on network and application attack intelligence from Radware's cloud and managed services, the Global Deception Network and the Threat Research Team.
"More is the operative word for the global threat landscape in 2022," said Pascal Geenens, Director of Threat Intelligence at Radware. “Compared to 2021, not only were there more DDoS attacks in number, but they were also more powerful, frequent, complex and encompassed more attack vectors. The surge can be attributed in part to digitization, the war in Ukraine, and a large number of new vulnerabilities and compromised services driven by remote access from home during the Covid pandemic. Ongoing tensions between major world powers have also led to a rise in state-sponsored cyberattacks and espionage activities.”
Global Attack Trends: DDoS continues to ramp up
The global DDoS landscape is evolving rapidly. In 2022, DDoS attack profiles have been redefined with increases in number, frequency, volume, strength, duration and complexity.
number of attacks
In 2022, the number of DDoS attacks increased by 150% worldwide compared to the previous year. The number of attacks in the Americas grew even faster, by 212% compared to 2021. More than half of the attacks targeted companies in the EMEA region. The Americas accounted for 35% of attacks, while 7% of attacks targeted APAC organizations.
frequency of attacks
The frequency of DDoS attacks has also increased significantly and is worrying. Globally, organizations were repelling an average of 2022 attacks per day in Q29,3 3,5, 8,4 times the 2021 attacks per day at the end of 2022. Attacks in EMEA grew even faster than the global average and surpassed both America and APAC. Organizations in EMEA experienced an average of 45 attacks per day in Q11,3 2021, a fourfold increase compared to XNUMX attacks per day in the same period in XNUMX.
attack volume
Global attack volume totaled 2022 PB in 4,44, a 32% increase from 2021. North, Central and South America recorded the strongest growth. Last year, attack volume in this region surpassed global volume, increasing by 2021% compared to 110. EMEA, while surpassing the Americas in attack frequency, saw a 2022% year-over-year decrease in total attack volume in 44.
attack power
The world's largest recorded attack in 2022 was 1,46 Tbps, 2,8 times the size of the largest attack in 2021.
attack duration
The longest attacks between 100 and 250 Gbps lasted an average of 2022 hours or 66 days in 2,75.
complexity of the attacks
The complexity of DDoS attacks continues to increase. Attackers typically use multiple and varied vectors to amplify impact and make attacks more difficult to contain. In 2022, attacks greater than 1 Gbps had on average more than two distinct attack vectors per attack, with the complexity doubling for attacks greater than 10 Gbps. Attacks over 100 Gbps had more than nine different attack vectors on average, with the most complex attacks using 38 different attack vectors.
"In 2023, the democratization of DDoS and patriotic hacktivism will continue to drive an increase in smaller, more frequent attacks - a trend we are already seeing in EMEA," said Geenens. “At the same time, it can be expected that underground cybercrime will become even better organized and better funded when it comes to carrying out hard attacks. Attackers are always looking for new, more sophisticated ways to advance their cyber agendas. As a result, organizations find themselves in an escalating state of risk as they seek to defend against the next generation of threats.”
Industries with the most attacks
Pascal Geenens, Director of Threat Intelligence at Radware (Image: Radware).
Globally, the financial sector was the most targeted industry in 2022, accounting for 53% of total attack activity, followed by technology (20%) and healthcare (11%). Financial and technology sectors were also among the sectors that bore the brunt of DDoS activities in different regions of the world.
- In the Americas, finance accounted for 32% of attack activity, followed by healthcare (24%) and technology (17%).
- In EMEA, finance (71%) also topped the list of most targeted industries, followed by technology (16%) and government (4%).
- In APAC, the technology industry was the most targeted industry, accounting for 70% of attack activity, followed by finance (9%) and public sector (8%).
Attacks on web applications
Attacks against web applications and APIs grew exponentially in 2022. Web application and API attacks grew 128% year over year, growing significantly faster than between 2020 and 2021 (88%). Predictable Resource Location accounted for almost half of the attacks. Code injection (14%) and SQL injection attacks (11%) combined accounted for another quarter of web application attacks. The most commonly targeted industries were retail and wholesale (25%), followed by high-tech (20%) and transportation (15%).
More at Radware.com
About Radware Radware (NASDAQ: RDWR) is a global leader in application delivery and cybersecurity solutions for virtual, cloud and software-defined data centers. The company's award-winning portfolio secures the company-wide IT infrastructure and critical applications and ensures their availability. More than 12.500 enterprise and carrier customers worldwide benefit from Radware solutions to quickly adapt to market developments, maintain business continuity and maximize productivity at low cost.