The Indusface AppSec Q3, 2023 Report highlights a drastic 67% rise in Distributed Denial-of-Service (DDoS) attacks compared to the previous quarter. More than 41% of websites encountered signs of these assaults, originating from various global regions like India, the US, Germany, the UK, and Singapore. Major companies like Microsoft and OpenAI suffered significant service disruptions due to these attacks, signaling a growing threat to businesses of all sizes.
Anonymous Sudan, a politically and religiously motivated hacktivist group, emerged as a key player behind these assaults, notably associated with tags like #OpSweden and #OpDenmark. Leveraging intricate techniques involving Web DDoS attacks and employing cloud-based infrastructures, they orchestrated massive assaults, highlighting the evolving nature of cyber threats. The surge in attacks capitalized on vulnerabilities such as the HTTP/2 Rapid Reset flaw, culminating in a 100 million Requests Per Second (RPS) attack, impacting cloud services like AWS, Cloudflare, Google Cloud, and Fastly.
The report underscores the critical need for robust DDoS mitigation strategies, advocating behavioral-based protection, traffic rate limiting, and reducing attack surface exposure to counter these escalating threats.
