Radware Global Threat Analysis Report 2021-2022: Attacks on web applications almost doubled. Analysts report an increase of 88 percent compared to 2020. The report describes record-breaking DDoS attacks and ransomware denial of service (RDoS).
According to Radware's Global Threat Analysis Report 2021-2022, the number of attacks on web applications worldwide almost doubled in the past year - the analysts report an increase of 88 percent compared to 2020. This puts such attacks in the lead in terms of growth rate - the number of DDoS attacks increased by 37 percent in the same period. Among other things, the report describes how several record-breaking DDoS attacks and ransomware denial of service (RDoS) made a name for themselves in the past year. But while these large-scale attacks made headlines, micro floods continued to fly under the radar. In these often unnoticed attacks, Radware saw an 80 percent increase over the previous year.
The story behind the numbers
“The statistics aren't just numbers, they tell a story about the evolution of malicious actors,” said Pascal Geenens, Director of Threat Intelligence at Radware. “They are becoming increasingly smart, organized and focused in pursuit of their goals, be it for money, fame or a political cause. In addition, cybercriminals are shifting their attack patterns from larger attack vectors to combining multiple vectors in more complex campaigns. Ransomware operators and their partners, which increasingly include DDoS-for-Hire actors, operate with a whole new level of professionalism and discipline - something we have not seen before."
Radware's Global Threat Analysis Report 2021-2022 provides an overview of the most important cyber security events in 2021 and provides detailed insights into the trends in DDoS attacks and web application attacks. Key findings from the report include:
Scale DDoS attacks
As more organizations migrate critical resources and applications to the public cloud, attackers are adapting their tactics and techniques to match the bandwidth of public cloud providers. While organizations shouldn't be immediately alarmed by reports of massive attacks, they need to be aware that DDoS attacks are part of their threat landscape, regardless of geography or industry. Organizations hosting services in the public cloud need to be prepared for cloud-scale, high-bandwidth attacks.
RDoS gangs are taking over
2020 saw an increase in DDoS attacks against companies that failed to pay a ransom demand on time. In 2021, RDoS confirmed its ubiquitous presence in the DDoS threat landscape with multiple campaigns. This included attacks on VoIP providers around the world, raising concerns about critical infrastructure.
Ransomware operators are turning to new extortion techniques
To bring reluctant victims back to the negotiating table, they launched three-tier extortion campaigns, combining crypto-locking and data leaks with DDoS attacks. Hence, the thriving underground economy, fueled by ransomware operators, is witnessing an increasing demand for DDoS-as-a-Service.
Micro Floods made their grand entrance in 2021
While the number of large attack vectors (above 10 Gbps) decreased by 2020% from 2021 to 5, micro floods (less than 1 Gbps) and application layer attacks increased by almost 80%. By cleverly combining a large number of micro floods over longer periods of time, attackers expose companies to the risk of having to constantly increase their infrastructure resources such as bandwidth, network and server capacities until their cloud services are no longer affordable.
DDoS attacks
In 2021, the number of DDos attacks increased by 37%. Europe, the Middle East and Africa (EMEA), and the Americas each registered 40% of the attacks, while the Asia Pacific region saw 20%. The average DDoS attack volume increased by 26 percent compared to the previous year. The primary target industries were gaming and retail, each accounting for 22% of attack volume on a normalized basis. These two industries were followed by government (13%), healthcare (12%), technology (9%) and financial services (6%).
Attacks on web applications
The number of malicious requests to web applications increased by 2020 percent from 2021 to 88. Injection attacks exploiting flawed access control mechanisms accounted for more than three quarters of attacks on web applications. The most commonly attacked industries in 2021 were banking, finance and SaaS providers, which together accounted for more than 28 percent of web application attacks. Third and fourth are retail and high-tech, each with nearly 12 percent, followed by manufacturing (9%), government (6%), carriers (6%), and transportation (5%). .
The full Radware Global Threat Analysis Report 2021-2022 is free to download. The report draws on network and application attack intelligence sourced from Radware's Cloud and Managed Services, Radware's Global Deception Network and Radware's Threat Intelligence Team.
More at Sophos.com
About Radware Radware (NASDAQ: RDWR) is a global leader in application delivery and cybersecurity solutions for virtual, cloud and software-defined data centers. The company's award-winning portfolio secures the company-wide IT infrastructure and critical applications and ensures their availability. More than 12.500 enterprise and carrier customers worldwide benefit from Radware solutions to quickly adapt to market developments, maintain business continuity and maximize productivity at low cost.