Changes to DDoS Attack for the 2nd quarter in 2022

 We are happy to share our report on 2022's Q2's DDoS. The report contains details and trends on DDoS threats. The threat landscape for DDoS is visible all over the world Cloudflare network. An digital version that is interactive is available on Radar.

In the second quarter of 2018 we've witnessed some the largest attacks the world has ever seen with the 26 million requests per second (per second) HTTPS DDoS attack which Cloudflare immediately identified and mitigated. In addition, attacks against Ukraine as well as Russia continue and a completely novel DDoS Ransom campaign was revealed.

The Highlights

Ukrainian and Russian Internet

• The combat on the field is followed by attacks directed at the diffusion of information.
• Broadcast Media companies that are based in Ukraine were among the top targets in the second quarter of 2018, the quarter that was dominated due to DDoS attacks. Actually, all of the companies that are listed in the top five most targeted areas are all associated with publishing, internet media, and broadcasting.
• In Russia However in contrast, Online Media drops as the industry that is targeted the most and is now third place. Then, it climbs the ranks. Banking, Financial Services and Insurance (BFSI) companies located in Russia were among the most targeted during the second quarter of 2018 almost 45 percent of all applications layer DDoS attacks targeting BFSI businesses. BFSI sector. Businesses that deal with cryptocurrency in Russia were second on the list of companies that were that were hit.

Learn details about what Cloudflare does to block the Open Internet flowing into Russia and stop attacks from spreading across the world.

Ransom DDoS attacks

• Recently, there's been an ongoing spate of Ransom DDoS attacks by entities who claim they are"the Fancy Lazarus.
• The month of June 2022, saw ransom attacks reach their highest levels this year. One in five people who've experienced a DDoS attack was claiming to have been harmed by a Ransom DDoS attack, or any other threat.
• In Q2 all-inclusive, the number that ransom DDoS attacks was up by 11% during QoQ.

Application-layer DDoS attacks

• The 2022 period the applications layer DDoS attacks have grown by 75 percent YoY.
• Organizations based inside the US were the most frequently targeted and targeted, and then following by Cyprus, Hong Kong, and China. There were more attacks targeting companies in Cyprus increased by 166% in the span of a quarter.
• The Aviation & Aerospace industry was the most prominent during the second quarter. It was then followed by Internet industry Banking, Financial Services and Insurance and Gaming / Gambling in fourth place.

Network-layer DDoS attacks

• In 2022's second quarter of 2022's 2022's the network layer DDoS attacks were up 110 percent YoY. Attacks with 100 Gbps or higher were up by 8% every month. Attacks lasting more than 3 hours were up 12 percent in QoQ.
• The top industries targeted were Telecommunications, Gaming / Gambling and the Information Technology and Services industry.
• Organisations inside the US were targeted the most and closely followed by China, Singapore, and Germany.

The report was based on DDoS attacks which were detected and reduced by Cloudflare's DDoS Protection systems. To learn more about the method, read this blog post about a deep dive.

Note on how we evaluate DDoS attacks that we have witnessed in our own network

To analyze patterns in attacks, we determine"DDoS activity" as well as the "DDoS actions" rate which is the proportion of traffic that is targeted from the total traffic (attack or clean) that Cloudflare's global networks, as well as the exact area or region (e.g. sector, industry or the country in which billing is made). Calculating the percentages allows for the normalization of data and also to eliminate distortions that can be seen in the figures, for such as an Cloudflare Data Center that sees more traffic overall as well as be more specific.

Ransom Attacks

Our systems continually monitor traffic and take action whenever DDoS attacks are discovered. Every customer affected by DDoS is alerted through an automated questionnaire to aid us in understanding how attacks function and also the effectiveness of mitigation.

Since more than 2 years now, Cloudflare has been surveying the victims of attacksand one of the most important questions being whether they've received ransom notes or threats demanding payment in exchange for a halt in the DDoS attack.

The proportion of users who have reported threats or ransom note during the second quarter increased by 11% between the QoQ and the YoY. This time, we've concentrated on decreasing DDoS attacks targeted at ransom, which are being carried out by companies which claim to be belonging to"the Advanced Persistent Threat (APT) group "Fancy Lazarus". The attack is focused on financial institutions, cryptocurrency. businesses.

The percentage of respondents who reported having been victims of an ransom DDoS attack or were threatened prior to the attack.

When we go back to Q2 of Q2 we can observe that in June the five respondents received the ransom DDoS attack or threatened the most amount of DDoS attacks for 2022, and the most since December. 2021.

Application-layer DDoS attacks

Application-layer DDoS (ALD) attack,, in particular HTTP DDoS attacks, usually are created to cause disruption to a server, rendering it unfit to process legitimate requests made by users. If the server is hit with demands that it is not able to handle it will cease processing legitimate requests and in certain instances, it may fail, resulting in an increase in performance , or even an outage for legitimate customers.

Application layer DDoS attacks per month

In the second quarter of the year Application layer DDoS attacks increased by 72 percent Year-over-year.

In the Q2 of the year, the number that was attributed to application layer DDoS attacks increased by 72% YoY. However, it fell by 5percent over the period of QoQ. May was the month with the highest activity in the quarter. Around four-fifths (four-fifths) of Application Layer DDoS attacks were launched in May. The highest number of attacks took place during the month of June (28 per cent).

Attacks on the Application Layer DDoS are carried out in the market

Attacks against Aviation and Aerospace industry increased by 493% during the period of a quarter.

In the second quarter of 2018, Aviation and Aerospace was the most targeted industry by applications layer DDoS attacks. After that came to the Internet segment, Banking, Financial Institutions and Insurance (BFSI) sector and fourth place in the gaming/gambling sector.

Ukraine together with Russia cyberspace

Media and publishing firms are among those which are most at risk of being attack within Ukraine.

As the war in Ukraine continues both on the ground and on the air, on the sea, and online. Companies targeting Ukrainian enterprises are attempting to hinder information. Five of the most areas targeted within Ukraine comprise the industry of broadcasting Internet and the publishing of online media, and producing most of DDoS attacks targeting Ukraine.

However, during the conflict, Russian Banks, Financial Institutions and Insurance (BFSI) businesses were most attacked. About 45 percent of DDoS attacks were targeted at BFSI businesses. BFSI sector. The second most targeted industry was the Cryptocurrency industry as well as the Media online.

On both sides of this conflict, it is possible to observe an attack which is spreading and demonstrates the use of global botnets distributed across the globe.

Attacks on the Application Layer DDoS carried out by nations of the origin

In the first quarter, attacks from China dropped in 78% whereas attacks from the US decreased by 43 percent..

To find out the origin of HTTP security attacks, you'll need to determine where the IP address is which belongs to the person who created these specifically targeted HTTP requests. Contrary to attacks that use network layer, IP addresses aren't modified to create an HTTP attacks. A significant percentage of DDoS activity in a certain country doesn't necessarily mean that this particular country is responsible for the attacks rather it is an indication that botnets are operating within the boundaries within the borders of the nation.

This is another time, for succession and this time, the United States tops the charts as the primary cause of HTTP DDoS attacks. The next position after this is China in second position followed by Germany along with India. US follows China at second place in second place, and India and Germany on the 4th and 3rd places. Although it was true that the US was still at the top position, attacks from the US decreased by 48% during the QoQ. Attacks from different regions grew and attacks from India were up by 87%. Attacks came from Germany were at 33%, while attacks from Brazil increased by 67 percent.

Application layer DDoS attacks on target countries

To determine which countries are targeted by the most number of HTTP DDoS attacks. We then put together the DDoS attacks on those countries that our customers' bills are to, and then show it as percentages derived from every DDoS attacks.

HTTP DDoS attacks that target US-based nations were up 67% over the past quarter, pushing US-based companies towards be in US returning to top being the top target of all the application layer DDoS attacks. Attacks on Chinese enterprises fell by 80percent in QoQ which dropped it from the top spot to fourth. Attacks targeting Cyprus increase by 167 percent and makes it the second-most targeted country in the second quarter. Following Cyprus is Hong Kong, China, and the Netherlands.

Network-layer DDoS attacks

Attacks on the application layer attack applications (Layer 7 of the OSI model) which runs the service to which users would like to connect to (HTTP/S in our case) attack on the network layer aims to attack the infrastructure of the network (such as in-line routers, servers in-line, and in-line servers) and also an Internet connectivity itself.

DIGITAL DEVICES LTD

Long before Apple set an average consumers mindset to replacing their handheld gadgets in two years, Digital Devices Ltd believed in Moore's law that computing will double every two years. With our heritage from the days of IBM Personal Computer XT, our founders have gone through the technology advancements of the 1990s and 2000s realizing that technology is an instrumental part of any business's success. With such a fast pace industry, an IT department can never be equipped with the tools and training needed to maintain their competitive edge. Hence, Digital Devices has put together a team of engineers and vendor partners to keep up with the latest industry trends and recommend clients on various solutions and options available to them. From forming close relationships with networking and storage vendors like Juniper, SolarWinds and VMWare to high-performance computing by HPE or AWS Cloud solutions, Digital Devices Limited offers the latest technology solutions to fit the ever-growing needs of the industry.

 Our experts can guide you through the specifications and build cost efficiencies while providing high end, state-of-the-art customer services. We research and analyses market and its current demand and supply chain by offering wide range of bulk supplies of products like AKG C414 XLII, Shireen Cables DC-1021, Shireen Cables DC-2021, Dell p2419h monitor, Dell U2419H, Dell P2719H, Dell P2219H, Lenovo 62A9GAT1UK, LG 65UH5F-H and Complete IT Infrastructure products and services.