India second-largest source of HTTP-based DDoS attack after China
Distributed denial-of-service (DDoS) attacks are growing significantly across the world, and India ranks second as the largest source of Hypertext Transfer Protocol or HTTP-based DDoS attack traffic in July-September this year after China. China replaced the US as the main source of HTTP DDoS attack traffic in Q3, a report released on Friday.
A DDoS attack occurs when hackers disrupt the normal traffic of a web server by overwhelming it with large volumes of Internet traffic. HTTP as we know is an internet protocol used to send data between a web browser and a website. HTTP-based DDoS attacks usually aim to disrupt a web server by making it unable to process legitimate user requests. If a server is bombarded with more requests than it can process, the server will drop legitimate requests and - in some cases - crash, resulting in degraded performance or an outage for legitimate users.
According to the report by digital infrastructure services provider Cloudflare, attack traffic from China-registered IP addresses increased by 29% year-on-year (YoY) and 19% quarter-on-quarter (QoQ). Following China was India as the second-largest source of HTTP-based DDoS attack traffic that witnessed increase of 61% YoY. India was followed by the US and Brazil," the report said.
The company saw some of the largest attacks on the internet, including a 2.5 Tbps DDoS attack in Q3. The attack was by a Mirai botnet variant - a kind of malware that was used to infect government, consumer, and business devices - that aimed at a popular Minecraft server, Wynncraft, that didn't even notice the attack.
According to John Graham Cumming, chief technology officer of Cloudflare, “Russian-aligned groups are increasing attacks on targets outside of Ukraine”.
Cloudflare saw a 114% YoY increase in application-layer DDoS attacks targeting customers. In Q3, Cloudflare's team automatically detected and mitigated multiple attacks that exceed 1 terabyte per second (Tbps).
"We saw attacks from the same group targeting multiple state websites last week as well. HTTP DDoS attacks have increased by 111% compared to Q3 2021, and have become cheaper and more accessible to launch, which contributes to their continued growth and presence around the globe," Cumming said. Besides, gaming and gambling was the most targeted industry, seeing a massive 381% increase this quarter.
Additionally, Q3 also saw ransom DDoS attacks increase for the third quarter in a row. September saw almost one out of every four respondents reported receiving a ransom DDoS attack or threat.
In September 2022, a report published by cybersecurity firm NetScout Systems said that the number of DDoS attacks launched in the first half of this year exceeded six million. The challenge, it said, is that it’s never been easier to launch DDoS attacks using botnets that take over billions of internet-connected devices. "The fundamental nature of DDoS attacks hasn’t changed all that much over the decades, but the scale at which they can be conducted has turned them into a much more serious global threat," it said.