STOCK TITAN

Radware’s First Half 2024 Report: Web DDoS Attacks Climb 265%

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Negative)
Tags

Radware's H1 2024 Global Threat Analysis Report reveals a significant surge in cyber attacks, with web DDoS attacks climbing 265% compared to H2 2023. Key findings include:

- Application-Layer DNS DDoS attacks quadrupled vs H1 2023
- North American online applications faced 66% of web attacks
- EMEA organizations bore over 90% of web DDoS attacks
- Finance sector experienced 44% of network-layer DDoS attacks
- Pro-Russian attacks on Ukraine doubled compared to 2023 average

The report highlights increased attack volumes, with EMEA seeing a 293% growth in average DDoS volume blocked per organization. Hacktivist activities remained high, with 1,000-1,200 claimed attacks monthly. The finance industry was the primary target for both network-layer DDoS (44%) and DNS DDoS attacks (52%).

Il Rapporto di Analisi delle Minacce Globali H1 2024 di Radware rivela un notevole aumento degli attacchi informatici, con un incremento del 265% degli attacchi DDoS web rispetto al H2 2023. I principali risultati includono:

- Gli attacchi DDoS DNS a livello applicativo sono quadruplicati rispetto al H1 2023
- Le applicazioni online nordamericane hanno subito il 66% degli attacchi web
- Le organizzazioni EMEA hanno sopportato oltre il 90% degli attacchi DDoS web
- Il settore finanziario ha subito il 44% degli attacchi DDoS a livello di rete
- Gli attacchi filorussi all'Ucraina sono raddoppiati rispetto alla media del 2023

Il rapporto evidenzia l'aumento dei volumi di attacco, con l'EMEA che ha registrato una crescita del 293% del volume medio di DDoS bloccato per organizzazione. Le attività hacktiviste sono rimaste elevate, con 1.000-1.200 attacchi dichiarati ogni mese. L'industria finanziaria è stata il principale obiettivo sia degli attacchi DDoS a livello di rete (44%) che degli attacchi DDoS DNS (52%).

El Informe de Análisis de Amenazas Globales H1 2024 de Radware revela un aumento significativo en los ciberataques, con un incremento del 265% en los ataques DDoS web en comparación con el H2 2023. Los principales hallazgos incluyen:

- Los ataques DDoS DNS a nivel de aplicación se cuadruplicaron en comparación con el H1 2023
- Las aplicaciones en línea de América del Norte enfrentaron el 66% de los ataques web
- Las organizaciones de EMEA soportaron más del 90% de los ataques DDoS web
- El sector financiero experimentó el 44% de los ataques DDoS a nivel de red
- Los ataques prorrusos a Ucrania se duplicaron en comparación con el promedio de 2023

El informe destaca el aumento en los volúmenes de ataque, con EMEA viendo un crecimiento del 293% en el volumen medio de DDoS bloqueado por organización. Las actividades hacktivistas se mantuvieron altas, con 1.000-1.200 ataques declarados mensualmente. La industria financiera fue el objetivo principal tanto de los ataques DDoS a nivel de red (44%) como de los ataques DDoS DNS (52%).

Radware의 2024년 상반기 글로벌 위협 분석 보고서는 사이버 공격의 상당한 증가를 드러내며, 웹 DDoS 공격이 265% 증가했습니다는 H2 2023과 비교됩니다. 주요 발견 사항은 다음과 같습니다:

- 애플리케이션 계층 DNS DDoS 공격이 H1 2023와 비교해 4배 증가했습니다
- 북미의 온라인 애플리케이션이 웹 공격의 66%에 직면했습니다
- EMEA 조직이 웹 DDoS 공격의 90% 이상을 감당했습니다
- 금융 부문이 네트워크 계층 DDoS 공격의 44%를 경험했습니다
- 친러시아 공격이 우크라이나에 대해 2023년 평균 대비 두 배로 증가했습니다

보고서는 공격 볼륨의 증가를 강조하며, EMEA는 조직당 차단된 평균 DDoS 볼륨이 293% 증가했습니다. 해적 활동이 여전히 높아, 월간 1,000-1,200건의 주장된 공격이 발생했습니다. 금융 산업은 네트워크 계층 DDoS 공격(44%)과 DNS DDoS 공격(52%) 모두의 주요 목표였습니다.

Le Rapport d'Analyse des Menaces Mondiales H1 2024 de Radware révèle une augmentation significative des cyberattaques, avec une hausse de 265% des attaques DDoS Web par rapport au H2 2023. Les principales conclusions incluent :

- Les attaques DDoS DNS au niveau de l'application ont quadruplé par rapport à H1 2023
- Les applications en ligne nord-américaines ont subi 66% des attaques Web
- Les organisations EMEA ont supporté plus de 90% des attaques DDoS Web
- Le secteur financier a connu 44% des attaques DDoS de couche réseau
- Les attaques prorusses contre l'Ukraine ont doublé par rapport à la moyenne de 2023

Le rapport souligne l'augmentation des volumes d'attaque, l'EMEA enregistrant une croissance de 293% du volume moyen de DDoS bloqué par organisation. Les activités hacktivistes sont restées élevées, avec 1 000 à 1 200 attaques revendiquées par mois. L'industrie financière a été la principale cible des attaques DDoS de couche réseau (44%) et des attaques DDoS DNS (52%).

Der Radware Global Threat Analysis Report H1 2024 zeigt einen signifikanten Anstieg von Cyberangriffen, wobei Web DDoS-Angriffe um 265% im Vergleich zum H2 2023 gestiegen sind. Zu den wichtigsten Ergebnissen gehören:

- DNS DDoS-Angriffe auf Anwendungsebene haben sich im Vergleich zu H1 2023 vervierfacht
- Nordamerikanische Online-Anwendungen sahen sich 66% der Webangriffe gegenüber
- EMEA-Organisationen trugen über 90% der Web-DDoS-Angriffe
- Der Finanzsektor erlebte 44% der Netzwerk-DDoS-Angriffe
- Pro-russische Angriffe auf die Ukraine verdoppelten sich im Vergleich zum Durchschnitt von 2023

Der Bericht hebt die steigenden Angriffsmengen hervor, wobei EMEA ein Wachstum von 293% im durchschnittlichen DDoS-Volumen pro Organisation verzeichnete. Hacktivistaktivitäten blieben hoch, mit 1.000-1.200 gemeldeten Angriffen pro Monat. Die Finanzindustrie war das Hauptziel sowohl für Netzwerk-DDoS (44%) als auch für DNS-DDoS-Angriffe (52%).

Positive
  • Web DDoS attacks increased by 265% globally compared to H2 2023
  • Application-Layer DNS DDoS attack activity quadrupled compared to H1 2023
  • Average DDoS volume blocked per organization grew by 293% in EMEA, 116% in the Americas, and 302% in APAC
  • Web application and API attacks increased by 22% compared to H2 2023
Negative
  • EMEA organizations faced over 90% of web DDoS attacks
  • Finance organizations experienced 44% of network-layer DDoS attacks globally
  • The average number of Pro-Russian attacks targeting Ukraine doubled compared to 2023
  • North American online applications and APIs shouldered 66% of web attacks

Insights

The 265% surge in Web DDoS attacks during H1 2024 is a significant concern for businesses globally. This escalation, coupled with the quadrupling of DNS DDoS attacks, indicates a rapidly evolving threat landscape. The 4.5 million RPS average and 14.7 million RPS peak in a recent attack campaign demonstrate the increasing sophistication of threat actors.

Of particular note is the 293% growth in average DDoS volume blocked per organization in EMEA, suggesting a targeted approach by attackers. The finance sector, bearing 44% of network-layer DDoS attacks and 52% of DNS DDoS attacks, appears to be the primary target. This concentration of attacks on financial institutions could potentially impact market stability and investor confidence.

The report underscores the significant impact of geopolitical tensions on cybersecurity. The doubling of Pro-Russian attacks on Ukraine and the high number of attacks on Israel (542 claimed attacks) reflect ongoing conflicts. The targeting of government websites, particularly in Ukraine, Israel and India, suggests attempts to disrupt national infrastructure and potentially influence public opinion.

The mention of upcoming events like the U.S. election and concerns over decelerating financial markets as potential catalysts for increased cyber disruption is particularly worrying. These factors could lead to market volatility and impact investor sentiment across various sectors. The rise of hacktivist activities, with groups like NoName057(16) claiming 1,902 attacks, adds another layer of unpredictability to the global cybersecurity landscape.

The report highlights a important trend: the growing emphasis on attacking application infrastructure. This shift suggests that threat actors are adapting their strategies to target more critical and potentially vulnerable parts of business operations. The 22% increase in web application and API attacks is particularly concerning, as these are often gateways to sensitive data and core business functions.

The prediction that AI technology, especially large language models, will be increasingly adopted by threat actors is a red flag for tech companies and their investors. This trend could lead to more sophisticated and harder-to-detect attacks, potentially increasing cybersecurity costs and risks across all sectors. Companies that can innovate in AI-powered defense mechanisms may see increased market interest and potential growth opportunities.

Worldwide geopolitical tensions drive attacks with emphasis on the application infrastructure

News Highlights
In the first half of 2024:

  • Application-Layer DNS DDoS attack activity quadruples compared to the first half of 2023
  • North American online applications and APIs shoulder 66% of web attacks
  • EMEA organizations face more than 90% of web DDoS attacks
  • Finance organizations experience 44% of network-layer DDoS attacks
  • The average number of Pro-Russian attacks targeting Ukraine doubles compared to the average number in 2023

MAHWAH, N.J., Aug. 15, 2024 (GLOBE NEWSWIRE) -- Radware® (NASDAQ: RDWR), a global leader in application security and delivery solutions for multi-cloud environments, released its H1 2024 Global Threat Analysis Report.

“During the first half of 2024, high-intensity, volumetric attacks surged, marked by a growing emphasis on the application infrastructure,” said Pascal Geenens, Radware’s director of threat intelligence. “World-wide geopolitical tensions, including conflicts in Europe and the Middle East, as well as international events, like country elections, Eurovision, UEFA Euro, and the Olympics, continue to drive malicious activity. In the back half of the year, we expect attacks to continue to climb, as more threat actors adopt AI technology democratized through increasingly powerful and publicly available large language models. The gravity of the upcoming election in the United States and concerns over decelerating financial markets are also set to fuel cyber disruption.”

Radware’s report leverages intelligence provided by network and application attack activity sourced from the company’s Cloud and Managed Services and threat intelligence research team. In addition, it draws from information found on Telegram, a public messaging platform often used by cybercriminals.

Web DDoS attacks climb more than 200%
Web DDoS attacks made significant gains in frequency and intensity.

  • Number of attacks: In the first half of 2024, Web DDoS attacks surged globally 265% compared to the second half of 2023.
  • Geographic targets: Organizations in EMEA were the primary target of Web DDoS attacks between January and June of 2024, shouldering more than 90% of the attacks.

Recently, Radware reported a record-breaking six-day Web DDoS attack campaign, targeting a financial institution. It consisted of multiple waves, which lasted 4- to 12-hours, amounting to a total of 100 hours of attack time and sustaining an average of 4.5 million RPS with a peak of 14.7 million RPS.

Network-layer DDoS attack volumes increase exponentially
During the first half of 2024:

  • Attack volume: Average DDoS volume blocked per organization grew by 293% in EMEA, 116% in the Americas, and 302% in APAC, compared to the same period in 2023.
  • Geographic targets:         
    • The Americas faced 58% of global attacks and 37% of the volume, while EMEA accounted for 23% of the attacks but mitigated 56% of the global volume.
    • The APAC region accounted for almost 19% of attacks and 7% of the global volume.
  • Industry targets: Globally, finance organizations experienced the highest attack activity (44%), followed by healthcare (17%), technology (10%), and government (7%).

Application-layer DNS DDoS attack activity quadruples
Between January and June of 2024:

  • Attack activity:
    • DNS DDoS attack activity quadrupled compared to the first half of 2023.
    • The number of malicious DNS queries grew by 76% compared to the total number of queries observed during all of 2023.
  • Industry targets: Finance was the most targeted industry, representing 52% of the total Layer 7 DNS Flood attack activity. Healthcare, telecom, and research and education were other notable industries.

Hacktivist DDoS activity continues unabated
During the first half of 2024, the hacktivist landscape remained dynamic with constant DDoS activities. According to data gathered from Telegram:

  • Number of attacks: Hacktivist-driven DDoS attacks hovered between 1,000 to 1,200 claimed attacks per month.
  • Top actors claiming DDoS attacks: NoName057(16) remained the most active threat actor by a significant margin, claiming 1,902 attacks, followed by Executor DDoS (577 claimed attacks) and Cyber Army of Russia Reborn (437 claimed attacks).
  • Geographic targets: Ukraine was the most targeted country with 741 claimed attacks compared to 744 attacks in all of 2023. The United States ranked second (604 claimed attacks), followed by Israel (542 claimed attacks), and India (364 claimed attacks).
  • Website targets: Government websites were top hacktivist targets, especially in Ukraine, Israel and India. Business and economy followed by travel were the second and third most targeted websites respectively.

“Following the conflict between Russia and Ukraine, Telegram has continued to inspire many hacktivists and other ill-intended groups to make a move for the platform,” said Geenens. “It’s become a major hub for cyber criminals, making it easier for them to recruit volunteers, build global alliances, create and sell attack services, and exchange cryptocurrency.”

Web application and API attacks rise
During the first half of 2024:

  • Number of attacks: Web application and API attacks increased by 22% compared to the second half of 2023.
  • Geographic targets: The majority of web attacks (66%) were targeting applications and APIs located in North America. Applications in EMEA accounted for 23% of the attack activity.

Radware’s complete 2024 Global Threat Analysis Report can be downloaded here.

About Radware
Radware® (NASDAQ: RDWR) is a global leader in application security and delivery solutions for multi-cloud environments. The company’s cloud application, infrastructure, and API security solutions use AI-driven algorithms for precise, hands-free, real-time protection from the most sophisticated web, application, and DDoS attacks, API abuse, and bad bots. Enterprises and carriers worldwide rely on Radware’s solutions to address evolving cybersecurity challenges and protect their brands and business operations while reducing costs. For more information, please visit the Radware website.

Radware encourages you to join our community and follow us on: Facebook, LinkedIn, Radware Blog, X, YouTube, and Radware Mobile for iOS.

©2024 Radware Ltd. All rights reserved. Any Radware products and solutions mentioned in this press release are protected by trademarks, patents, and pending patent applications of Radware in the U.S. and other countries. For more details, please see: https://www.radware.com/LegalNotice/. All other trademarks and names are property of their respective owners.

THIS PRESS RELEASE AND THE RADWARE H1 2024 GLOBAL THREAT ANALYSIS REPORT ARE PROVIDED FOR INFORMATIONAL PURPOSES ONLY. THESE MATERIALS ARE NOT INTENDED TO BE AN INDICATOR OF RADWARE'S BUSINESS PERFORMANCE OR OPERATING RESULTS FOR ANY PRIOR, CURRENT, OR FUTURE PERIOD.

Radware believes the information in this document is accurate in all material respects as of its publication date. However, the information is provided without any express, statutory, or implied warranties and is subject to change without notice.

The contents of any website or hyperlinks mentioned in this press release are for informational purposes and the contents thereof are not part of this press release.

Safe Harbor Statement
This press release includes “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995. Any statements made herein that are not statements of historical fact, including statements about Radware’s plans, outlook, beliefs, or opinions, are forward-looking statements. Generally, forward-looking statements may be identified by words such as “believes,” “expects,” “anticipates,” “intends,” “estimates,” “plans,” and similar expressions or future or conditional verbs such as “will,” “should,” “would,” “may,” and “could.” For example, when we say in this press release that in the back half of the year, we expect attacks to continue to climb, as more threat actors adopt AI technology democratized through increasingly powerful and publicly available large language models, we are using forward-looking statements. Because such statements deal with future events, they are subject to various risks and uncertainties, and actual results, expressed or implied by such forward-looking statements, could differ materially from Radware’s current forecasts and estimates. Factors that could cause or contribute to such differences include, but are not limited to: the impact of global economic conditions, including as a result of the state of war declared in Israel in October 2023 and instability in the Middle East, the war in Ukraine, and the tensions between China and Taiwan; our dependence on independent distributors to sell our products; our ability to manage our anticipated growth effectively; a shortage of components or manufacturing capacity could cause a delay in our ability to fulfill orders or increase our manufacturing costs; our business may be affected by sanctions, export controls, and similar measures, targeting Russia and other countries and territories, as well as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national businesses across a variety of industries; the ability of vendors to provide our hardware platforms and components for the manufacture of our products; our ability to attract, train, and retain highly qualified personnel; intense competition in the market for cyber security and application delivery solutions and in our industry in general, and changes in the competitive landscape; our ability to develop new solutions and enhance existing solutions; the impact to our reputation and business in the event of real or perceived shortcomings, defects, or vulnerabilities in our solutions, if our end-users experience security breaches, if our information technology systems and data, or those of our service providers and other contractors, are compromised by cyber-attackers or other malicious actors or by a critical system failure; outages, interruptions, or delays in hosting services; the risks associated with our global operations, such as difficulties and costs of staffing and managing foreign operations, compliance costs arising from host country laws or regulations, partial or total expropriation, export duties and quotas, local tax exposure, economic or political instability, including as a result of insurrection, war, natural disasters, and major environmental, climate, or public health concerns, such as the COVID-19 pandemic; our net losses in the past two years and possibility we may incur losses in the future; a slowdown in the growth of the cyber security and application delivery solutions market or in the development of the market for our cloud-based solutions; long sales cycles for our solutions; risks and uncertainties relating to acquisitions or other investments; risks associated with doing business in countries with a history of corruption or with foreign governments; changes in foreign currency exchange rates; risks associated with undetected defects or errors in our products; our ability to protect our proprietary technology; intellectual property infringement claims made by third parties; laws, regulations, and industry standards affecting our business; compliance with open source and third-party licenses; and other factors and risks over which we may have little or no control. This list is intended to identify only certain of the principal factors that could cause actual results to differ. For a more detailed description of the risks and uncertainties affecting Radware, refer to Radware’s Annual Report on Form 20-F, filed with the Securities and Exchange Commission (SEC), and the other risk factors discussed from time to time by Radware in reports filed with, or furnished to, the SEC. Forward-looking statements speak only as of the date on which they are made and, except as required by applicable law, Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware’s public filings are available from the SEC’s website at www.sec.gov or may be obtained on Radware’s website at www.radware.com.


FAQ

What was the increase in web DDoS attacks for Radware (RDWR) in H1 2024?

According to Radware's H1 2024 Global Threat Analysis Report, web DDoS attacks surged globally by 265% compared to the second half of 2023.

Which region was the primary target of web DDoS attacks for Radware (RDWR) in H1 2024?

Organizations in EMEA (Europe, Middle East, and Africa) were the primary target of web DDoS attacks, shouldering more than 90% of the attacks between January and June 2024.

What was the growth in DNS DDoS attack activity for Radware (RDWR) in H1 2024?

Radware reported that DNS DDoS attack activity quadrupled in the first half of 2024 compared to the first half of 2023.

Which industry was the most targeted by Layer 7 DNS Flood attacks for Radware (RDWR) in H1 2024?

According to Radware's report, the finance industry was the most targeted, representing 52% of the total Layer 7 DNS Flood attack activity in the first half of 2024.

Radware Ltd.

NASDAQ:RDWR

RDWR Rankings

RDWR Latest News

RDWR Stock Data

936.28M
35.82M
14.7%
76.24%
0.95%
Software - Infrastructure
Technology
Link
United States of America
Tel Aviv