TZUTC: -0500   
   MSGID: 315.consprcy@1:2320/105 2c2c4fee   
   PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0   
   TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   Web DDoS attacks see major surge as AI allows more powerful attacks   
      
   Date:   
   Tue, 04 Mar 2025 12:21:09 +0000   
      
   Description:   
   Layer 7 Web DDoS attacks increased five-fold in the span of a year as   
   hacktivists use AI to lower the barrier to entry.   
      
   FULL STORY   
      
   There was a noticeable increase in Web Distributed Denial of Service (DDoS)   
   attacks in 2024, largely thanks to Artificial Intelligence (AI) lowering the   
   barrier to entry, experts have claimed.    
      
   A report from cybersecurity experts Radware found Layer 7 Web DDoS attacks   
   skyrocketed by 550% in 2024 compared to the previous year.    
      
   Layer 7 DDoS attacks are also known as application-layer DDoS attacks, and   
   they target the application layer of the OSI model. Instead of overwhelming   
   network bandwidth like traditional volumetric attacks, these attacks focus on   
   exhausting server resources by mimicking legitimate user requests. They   
   exploit vulnerabilities in web applications, APIs, and services by flooding   
   them with HTTP requests, login attempts, or database queries, making it   
   difficult to distinguish real users from malicious traffic.   
      
   More powerful, more disruptive   
      
   Radware says that the increase can be attributed to hacktivist groups   
   leveraging AI-enhanced tools to mount more destructive attacks, easier.    
      
   Multiple catalysts drove the threat revolution witnessed in 2024, including   
   geopolitical conflicts, bigger and more complex threat surfaces, and more   
   sophisticated and persistent threats, said Pascal Geenens, director of threat   
   intelligence at Radware.    
      
   Add to that the impact of AI, which is lowering barriers to entry,    
   multiplying the number of adversaries and enabling even novice actors to   
   successfully launch malicious campaigns, and what you have is a threat   
   landscape that looks very daunting.    
      
   The EMEA region bore the brunt of Web DDoS attacks, the report states,   
   claiming that it accounted for 78% of global incidents. For web application   
   and API attacks, North America was the primary target with 66% of such   
   incidents.    
      
   At the same time, financial institutions and transportation services suffered   
   an almost 400% increase in DDoS attack volume, making them among the   
   hardest-hit industries. Hacktivist-driven attacks also grew by 20% globally,   
   with government institutions emerging as the top targets.    
      
   Beyond Web DDoS incidents, network-layer DDoS attacks have become more   
   powerful and persistent, Radware explained. The average mitigated attack   
   volume rose by 120% in 2024, while the average duration of attacks increased   
   by 37%. The telecommunications sector absorbed the heaviest impact, facing    
   43% of global network DDoS attack volume, followed closely by finance at 30%.   
   The financial sector was also the most targeted industry for Layer 7 DNS   
   attacks, accounting for 44% of global activity.    
      
   The escalations in the threat landscape have significant implications for   
   every sector from finance and telecommunications to government and e-commerce   
   and beyond, Geenens added.    
      
   Organizations are operating in a dynamic environment that demands equally   
   dynamic defense strategies. While bad actors dont have to do their jobs   
   perfectly to have a major impact, defenders do.   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/web-ddos-attacks-see-major-surge-as-ai-   
   allows-more-powerful-attacks   
      
   $$   
   --- SBBSecho 3.20-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/305 153/7715 154/110 218/700 226/30   
   SEEN-BY: 227/114 229/110 111 114 206 300 307 317 400 426 428 470 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 3634/12 5075/35   
   PATH: 2320/105 229/426