Cloudflare’s DDoS threat report reveals heightened cybersecurity challenges in 2023 Q2

InternetIntelligence.eu, a renowned platform specializing in Open Source Intelligence (OSINT), cyber analysis, and conflict research, highlights Cloudflare’s latest blog post on the DDoS Threat Report for the second quarter of 2023. Cloudflare, a leading Internet security company, published the report on their blog, offering valuable insights into the evolving landscape of distributed denial-of-service (DDoS) attacks.

DDoS attacks, which aim to overwhelm websites and online services with excessive traffic, have grown more powerful and sophisticated in recent years. Cloudflare, with its extensive network spanning over 300 cities across 100 countries, is uniquely positioned to provide an in-depth analysis of DDoS trends and patterns.

The report begins by emphasizing the substantial increase in DDoS attack campaigns during the second quarter of 2023. Noteworthy observations include:

  1. Coordinated Offensive: Pro-Russian hacktivist groups, including REvil, Killnet, and Anonymous Sudan, orchestrated multiple waves of DDoS attacks against websites tied to Western interests. These well-planned, persistent campaigns targeted various sectors.
  2. Targeted DNS and Mitel Vulnerability Exploits: The quarter witnessed a 532% surge in DDoS attacks exploiting the Mitel vulnerability (CVE-2022-26143) and an increase in deliberately engineered and targeted DNS attacks. Cloudflare had previously contributed to disclosing this zero-day vulnerability.
  3. Cryptocurrency Industry Under Fire: Attacks on cryptocurrency companies surged by 600%, while HTTP-based DDoS attacks saw a 15% overall increase. Of particular concern was the alarming escalation in attack sophistication within this sector.

Furthermore, Cloudflare reported one of the largest DDoS attacks of the quarter, involving an ACK flood attack originating from a Mirai-variant botnet. This attack targeted an American Internet Service Provider, peaking at an overwhelming 1.4 terabits per second (Tbps). Fortunately, Cloudflare’s robust systems automatically detected and mitigated the attack, which lasted only two minutes.

The DDoS Threat Report also highlights a significant shift in attack durations. While most attacks are short-lived, the report reveals a 103% quarter-over-quarter increase in attacks exceeding three hours in duration.

The formation of the hacktivist alliance known as the “Darknet Parliament” has sent shockwaves through the cybersecurity community. Comprising the pro-Russian hacktivist groups Killnet, a resurgent REvil, and Anonymous Sudan, this collective has announced plans to unleash “massive” cyber attacks on the Western financial system. Its primary target is SWIFT (Society for Worldwide Interbank Financial Telecommunication), the backbone of global financial transactions. With European and US banks, as well as the US Federal Reserve System, in the alliance's sights, a successful DDoS attack on SWIFT could have severe consequences, potentially crippling financial institutions’ ability to conduct secure global transactions. The potential impact underscores the critical need for robust cybersecurity measures within the financial sector to thwart these determined threats.

Another area of concern is the rise of highly randomized and sophisticated HTTP DDoS attacks. The threat actors behind these attacks have demonstrated an ability to imitate browser behavior accurately, which makes it harder to detect attack traffic and distinguish it from legitimate user traffic. These sophisticated attacks, once attributed to state-level actors, are now accessible to cybercriminals, as evidenced by recent targeted attacks on prominent businesses.

Cloudflare emphasizes the importance of intelligent and automated protection against such attacks, utilizing threat intelligence, traffic profiling, and machine learning/statistical analysis. Implementing effective DDoS protection measures, including increased caching where applicable, can help mitigate the risks posed by these advanced attacks.

InternetIntelligence.eu readers are encouraged to explore the complete DDoS Threat Report on Cloudflare’s blog to gain deeper insights into the evolving DDoS landscape, emerging threats, and best practices for protection.
