Radver’s global report provides insights into the emerging threat landscape in Israel and around the world. The report is based on the global intelligence provided by monitoring attack activity on the network, information generated from Radver’s managed cloud security services, as well as from Radver’s global deception network and the threat research team of company during 2023. In addition, the report draws from global information found on Telegram, a public messaging platform often used by cybercriminals.
According to global data collected from the Telegram social network:
-
- Number of attacks: In the first half of 2023, attacking groups claimed responsibility for 5,606 attacks.
During the second half, this number increased by 24% to 6,971 DDoS attacks.
- Number of attacks: In the first half of 2023, attacking groups claimed responsibility for 5,606 attacks.
-
- Geographical destinations: In 2023, Israel was the country most attacked by the activists, with 1480 DDoS attacks, followed by India (1242 attacks) and the United States (1164 attacks).
-
- The attack groups that lead in taking responsibility: NoName057(16) with 3,391 DDoS attacks, was by far the most active hacker group in 2023, followed by Anonymous Sudan (793 attacks) and Executor DDoS v2 (765 attacks).
-
- Types of sites that were targets: Worldwide, the most attacked Internet category in 2023 was government with 2,694 reported attacks. Business and travel sites ranked second and third, with 1793 and 1624 attacks, respectively.
Global findings:
-
- Attacks on web applications and APIs increase by 171% as a result of increased DDoS attacks on the network.
-
- Average DDoS attacks per customer almost doubled.
-
- The number of DNS attacks has more than tripled.
-
- Government, business and travel websites face the most common DDoS attacks in the world
The activists attack with relentless persistence
New activist tactics first introduced in 2022 after Russia invaded Ukraine spread and accelerated in 2023. Activist-driven DDoS activity peaked in October 2023 following the conflict between Israel and Hamas.
“In many cyber incidents we have witnessed encrypted and complex DDoS attacks at the internet application level. The attacks used several attack methods at the same time and lasted for many hours and even for several days,” Miren explained. “A growing number of attacker groups are moving to attack at several levels in the network at the same time when their goal is to paralyze web applications and API interfaces, as well as essential infrastructures for online services, such as the DNS system. In Israel we have noticed a sharp increase in these sophisticated methods of operation that have made protection much more challenging” .
Industries in the world that have faced many denial of service attacks
In 2023, organizations in the fields of finance, retail and education experienced the highest rate of cyber-attacks among the world’s leading industries.
Denial of Service (DDOS) attacks in the world:
-
- Financial and technological organizations suffered 29% and 22% of the attacks respectively, about half of which were encrypted network attacks.
-
- Healthcare experienced 14% of attacks, with 92% of attack activity consisting of TCP attack vectors.
-
- Global government organizations had to deal with 12% of the attacks, with the most aggressive attacks (45%) coming in the form of DNS denial of service attacks.
Applicative attacks on web applications and attacks on API:
-
- Retail (37%) and transportation (19%) were the most attacked industries. Software as a service (8%), telecom (8%) and service providers (4%) made up the five most attacked industries.
-
- Organizations in research and education (32%), telecom (25%), technology (19%), finance (10%) and healthcare (6%) were the main targets of DNS denial of service attacks.