SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
IoT
#
Asia Pacific
#
Cloudflare
Cloudflare releases Q3 2023 report on global DDoS attack and internet disruption trends
Tue, 31st Oct 2023
Author image
By Kaleah Salmon, Journalist
Follow us

Cloudflare's Q3 2023 report on global DDoS (Distributed Denial of Service) attack trends, as well as its Q3 Internet Disruptions report, unveils insights drawn from its network that spans 300 cities across more than 100 countries.

The report provides a singular perspective on internet resilience based on data that speak to the range of internet disruptions globally.

Notable findings include the mitigation of thousands of attacks stemming from the HTTP/2 campaign, a substantial increase in HTTP DDoS traffic, and an astonishing bombardment of the gaming and gambling industries by attackers.

Cloudflare experienced the most significant attack on record due to HTTP/2, mitigating thousands of hyper-volumetric HTTP DDoS attacks, 89 of which exceeded 100 million requests per second (rps).

The most significant attacks peaked at 201 million rps, three times larger than the previous record attack of 71M rps.

Moreover, there was a 65% rise in HTTP DDoS attack traffic in Q3, mainly due to the HTTP/2 campaign. Layer 3 or 4 (L3/4) DDoS attacks also increased by 14%.

Industries related to gaming and gambling experienced the most significant volume of HTTP DDoS attack traffic, surpassing the previously most attacked industry, cryptocurrency.

In the Asia Pacific, the cryptocurrency industry remained the most attacked for the second consecutive quarter. Gaming and gambling were second in line, with Information Technology and Service companies coming in third.

The US continued to be the primary target of HTTP DDoS attacks, with nearly 5% of all such attack traffic. Singapore and China were the second and third most targeted, correspondingly.

Cloudflare's Q3 2023 report also revealed that Government-directed internet shutdowns were seen in Iraq, intended to prevent cheating on exams. The plan involved multiple rounds of shutdowns across three months. In July and August, Gabon, Senegal, and Ethiopia also implemented politically motivated internet shutdowns.

Furthermore, connectivity issues arose due to natural disasters. Wildfires in Hawaii caused power outages and disrupted Internet connectivity, with traffic to Cloudflare from Lahaina dropping to near zero around 21:00 local time on August 7 (07:00 UTC on August 8) and remaining minimal levels through August 30.

The September 8 earthquake in Morocco also impacted Internet connectivity, causing an immediate 64% drop in traffic in Marrkesh-Safi, a 64% loss in Souss-Massa, and a 49% decline in Casablanca-Settat.

Moreover,  On August 27, a "significant security concern" led the University of Michigan to shut down the Internet on the Ann Arbor, Flint and Dearborn campuses. The disconnection resulted in a significant drop in traffic starting just before 14:00 local time (18:00 UTC) on August 27 and lasting until just after 08:00 local time (12:00 UTC) on August 30.

An announcement posted by the university detailed the impact of disconnecting from the Internet, including potential delays in financial aid refunds and the unavailability of specific campus systems. 

Related stories
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs
Aqua Security celebrates consecutive year of channel growth
BeyondTrust's 2024 report reveals top Microsoft vulnerabilities
AI-enabled biometric market to reach $50.5 billion by 2031
Half of online traffic in 2024 generated by bots, report finds
Top stories
Australian businesses fast-track Microsoft cloud adoption amid cyber threats
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity