Environmental Services Sector Hit by a Massive Increase in DDoS Attacks

The environmental services industry saw an unprecedented 61,839% surge in HTTP-based DDoS attacks, comprising half of its HTTP traffic, as reported by Cloudflare’s Q4 2023 threat report.

The rise in HTTP attacks on environmental services aligns with an annual trend during events such as the UN Climate Change Conferences COP 26 and COP 27. Despite becoming a new target in Q4 2023, the cryptocurrency industry remains the primary casualty, with over 330 billion HTTP requests, representing over 4% of total HTTP DDoS traffic. Gaming, gambling, and telecommunications rank as the second and third most attacked industries.

The U.S. and China are the main sources of HTTP DDoS attack traffic, with the U.S. holding this position for five consecutive quarters since Q4 2022. Together, China and the U.S. contribute to just over a quarter of global HTTP DDoS attack traffic, while Brazil, Germany, Indonesia, and Argentina account for the next 25%.

Notably, there’s a surge in DDoS attacks targeting Palestinian and Taiwanese websites. Palestinian sites saw a 1,126% quarter-over-quarter growth, and Taiwan experienced a 3,370% growth amid presidential elections and rising tensions with China.

Akamai’s retrospective on DDoS Trends in 2023 revealed that DDoS attacks became more frequent, longer, sophisticated, and focused on horizontal targets, attacking multiple IP destinations in the same event.

Cloudflare’s report emphasized the rising threat of unmanaged or unsecured API endpoints, posing a risk of sensitive information exfiltration. HTTP anomalies, particularly ‘429’ error codes (‘Too Many Requests’), were identified as common signals of malicious API requests, constituting over half (51.6%) of traffic errors from API origins.

Read more about this topic from the following page:

The Cloudflare Blog
DDoS threat report for 2023 Q4
https://blog.cloudflare.com/ddos-threat-report-2023-q4