Why malicious internet traffic is increasing at an alarming rate
Cloudflare, a prominent content delivery network and security services firm, has disclosed that nearly 6.8% of all internet traffic is malicious. This figure marks a whopping 1% increase from the previous year's data. The firm's recent State of Application Security Report indicates that this surge in cyber threats is primarily fueled by global events such as wars and elections.
Pro-Russian hacktivist groups target Western websites
The report highlights that a significant number of attacks on Western-interest websites are orchestrated by pro-Russian hacktivist groups like REvil, KillNet, and Anonymous Sudan. It also underscores the alarming rate at which new vulnerabilities are exploited. For example, an attempt to exploit a JetBrains TeamCity DevOps authentication bypass was made only 22 minutes after the proof-of-concept code was published. This rapid exploitation often outpaces most organizations' ability to read security advisories or patch their systems.
Rise in zero-day exploits and importance of security patches
Cloudflare's report also points to an increase in zero-day exploits, with Google reporting 97 such incidents exploited in the wild in 2023. The report emphasizes that cyber attackers often target old, known vulnerabilities. This makes it crucial for organizations to promptly apply security patches to their systems. The report serves as a stark reminder of the importance of staying updated with security advisories and implementing necessary patches without delay.
DDoS attacks remain preferred method for cybercriminals
Distributed Denial of Service (DDoS) attacks continue to be the favored method of attack for cybercriminals, accounting for more than 37% of all mitigated traffic. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique DDoS attacks. This figure represents around a third of all DDoS attacks they mitigated in the previous year. The sophistication and scale of these attacks are also on the rise, indicating an evolving threat landscape.
Unprecedented scale of DDoS attacks in 2023
In August 2023, Cloudflare stopped a massive HTTP/2 Rapid Reset DDoS attack that peaked at an unprecedented 201 million requests per second (RPS). This figure is three times bigger than any previously observed attack. Google Cloud also reported experiencing its largest DDoS attack ever, peaking at 398 million RPS. To put this into perspective, Google Cloud received more requests in two minutes than Wikipedia saw during the entire month of September 2023.
API security and the threat of unawareness
The report underscores the growing importance of application programming interface (API) security. With 60% of dynamic web traffic now API-related, these interfaces have become prime targets for attackers. Alarmingly, many firms are not aware of a quarter of their API endpoints. The average enterprise application now utilizes 47 third-party scripts and connects to nearly 50 third-party destinations, each representing a potential security risk.
Automated bot traffic: A growing concern
Cloudflare's report reveals that around 38% of all HTTP requests processed by the company are classified as automated bot traffic. While some bots provide important services, as many as 93% of bots are potentially harmful. This highlights the need for robust security measures to combat these threats. Companies are advised to protect their websites and net services with defenses from companies like Cloudflare and its rivals, including Akamai CDN, Fastly, and Varnish Software.