January 15, 2024 at 11:44AM
The environmental services sector experienced a significant increase in HTTP-based DDoS attacks, with a 61,839% surge year-over-year, coinciding with global environmental events. Cybersecurity experts emphasized the growing intersection of environmental issues and cybersecurity. Cryptocurrency remains the primary target, with the U.S. and China being the main sources of attack traffic. Palestinian and Taiwanese websites also faced substantial increases in DDoS attacks amid geopolitical events. Additionally, there is a rising threat from unmanaged API endpoints.
From the meeting notes, the key takeaways are:
1. The environmental services industry experienced an unprecedented surge in HTTP-based distributed denial-of-service (DDoS) attacks, with a 61,839% increase in DDoS attack traffic year-over-year, coinciding with international climate events.
2. The cryptocurrency industry continues to be the primary target of HTTP DDoS attacks, followed by gaming, gambling, and telecommunications.
3. The U.S. and China remain the main sources of HTTP DDoS attack traffic, accounting for over a quarter of all attack traffic, while Brazil, Germany, Indonesia, and Argentina account for the next 25%.
4. Cloudflare reported a significant increase in DDoS attack traffic targeting Palestinian websites and Taiwan, coinciding with geopolitical events.
5. DDoS attacks have become more frequent, longer, sophisticated, and focused on attacking multiple IP destinations, according to Akamai’s retrospective on DDoS trends in 2023.
6. Unmanaged or unsecured API endpoints pose an increasing threat, with HTTP anomalies being common signals of malicious API requests, notably ‘429’ error codes constituting more than half of traffic errors from API origins.
This summary captures the significant trends and developments discussed in the meeting notes.