The 28th United Nations Climate Change Conference (COP 28), held in Dubai at the end of 2023, led to an “unprecedented increase” in the distributed Denial of Service (DDOS) attacks against environmental services.
In His DDOS -DRIGHTING REPORT FOR 2023 Q4Content Delivery Provider Cloudflare found a peak of 61,839% in HTTP DDOS ATTACK Traffic Targeting Targeting of Environmental Services in the last quarter of 2023 compared to the same period in 2022.
These attacks meant a shift of the earlier domination of cryptocurrency-related DDOS attacks.
DDOS attacks on environmental websites formed half of all observed DDOs in that quarter.
Cloudflare observed a similar trend during the COP26 and COP27 tops and other non-related environmental events and publications.
“In February and March 2023, important environmental events such as the UN resolution on climate law and the launch of the freshwater challenge of the United Nations environmental program may have increased the profile of environmental websites, possibly correlating with an increase in attacks on these sites,” the report reads.
“This recurring pattern underlines the growing intersection between environmental problems and cyber protection, a Nexus that is increasingly becoming a focal point for attackers in the digital age.”
What is an HTTP DDOS attack?
A DDOS attack is a kind of cyber attack that wants to disrupt websites and online services for users, making them not available by overwhelming them with more traffic than they can handle.
“They are similar to car gridlocks that weigh, so drivers cannot get to their destination,” Cloudflare researchers wrote.
Sometimes threat factors use networks of devices, called Botnets, programmed to automatically send requests to the same website to perform DDOS attacks.
In the report, Cloudflare identified three main types of DDOS -attacks:
- HTTP application intensive DDOS attacks: they strive to overwhelm HTTP servers with more requests than they can cause an event of a denial-of-service
- IP package-intensive DDOS attacks: they want to overwhelm in in-line devices such as routers, firewalls and servers with more packages than they can handle
- Bit-intensive attacks: they want to saturate and hide the internet connection, so that a ‘gridlock’
2023 DDOS in numbers
Worldwide, DDOS attacks flourished in 2023, according to Cloudflare.
The supplier of content delivery said that the internet community was confronted with a continuing and deliberately designed campaign of thousands of Hyper-Volumetric DDOS attacks at never previously seen rates.
In 2023, CloudFlare said that it consists of more than 5.2 million HTTP DDOS attacks from more than 26 trillion requests.
“Despite these astronomical figures, the amount of HTTP DDOS attacks actually fell by 20% compared to 2022,” Cloudflare wrote.
On the other hand, the Network Layer DDOS attacks of IP package-intensive and bit-intensive attacks rose.
“Our automated defenses reduced 8.7 million DDOS attacks of the network layer in 2023. This represents an increase of 85% compared to 2022.”
In Q4, Cloudflare observed an increase of 117% on an annual basis of Network-Layer DDOS attacks, with a specific targeting of websites for retail, shipping and public relations during and around Black Friday and the holidays.
The largest DDOS attack ever took place in the third quarter of 2023, with 201 million applications per second (RPS)-Bijna eight times more important than the previous record of 26 million RPs, reported in 2022.
Moreover, the refinement of DDOS attacks in 2023 was unprecedented, with some exploitation of vulnerabilities in the HTTP/2 protocol, the second important version of the standard protocol for data communication on the internet.
Rise in Israel-Palestine and Taiwan-related DDOS attacks
Other findings of the DDOS attack report from CloudFlare include:
- An increase in DDOS valid activity with regard to the Israeli-Hamas war, in which DDOS-attacking traffic is aimed at Israeli websites that grow by 27% quarter-over Quarter, and with p 1,126% quarter-over quartal for traffic on Palestinian websites.
- An increase in DDOS attacks on Taiwan-related websites, where Q4 2023 registered a growth of 3,370% compared to Q4 2022
In order to put together for every three -month data on DDOS attacks, CloudFlare automatically examines any attacked customer about the nature of the attack and the success of the mitigation.
In the past two years, Cloudflare has collected an average of 164 answers per quarter.