DDoS attacks surge 364% in APAC, driven by AI & hacktivists
Radware has reported a significant escalation in Distributed Denial of Service (DDoS) attack activity across the Asia-Pacific (APAC) region, with average attack volumes increasing by 364% compared to the previous year.
The data from Radware's threat intelligence research, which encompasses information from the company's cloud and managed services along with publicly available data from the Telegram messaging platform, provides a detailed overview of recent trends and targets in network and application-based cyberattacks.
Sharp escalation
According to the company, the frequency and intensity of DDoS incidents are outpacing previous years in the region. Kenichiro Sasaki, Country Manager for Radware in Japan, noted the changing landscape of threats facing organisations:
"Across APAC, there has been a sharp escalation in the frequency and intensity of cyberattacks and DDoS incidents are leading the charge. Multiple catalysts are driving the threat revolution, including geopolitical conflicts, bigger and more complex threat surfaces, and more sophisticated and persistent threats. Add to that the impact of Al, which is lowering barriers to entry, and what you have is a highly dynamic threat environment that demands equally dynamic defense strategies."
The company's analysis reveals that, from 2023 to 2024, the average number of network DDoS attacks per customer increased by 72%. Service providers were the primary targets, receiving 55% of the attack volume, while the technology and gaming sectors followed with 21% and 11% respectively.
Network-layer and application-layer attacks
Network-layer DDoS attacks have increased threefold in average size during this period. Concurrently, Layer 7 (application-layer) DNS DDoS attacks have also grown considerably, with the number of DNS flood queries and malicious DNS volumes both rising by 93% over the previous year. The manufacturing sector was most impacted by these DNS flood activities, accounting for 43% of the malicious queries, while telecom and energy sectors comprised 40% and 14% respectively.
Radware's research indicates that the broadening digital infrastructure in APAC, coupled with persistent global tensions and the emergence of advanced AI capabilities, are increasing the region's susceptibility to a diverse range of cyber threats.
Hacktivist campaigns intensify
Hacktivist-led cyberattack campaigns have maintained their momentum globally and regionally, with targeted DDoS attacks surging in response to ongoing political and ideological unrest. Data gathered from Telegram indicates a 20% global rise in hacktivist-claimed attacks between 2023 and 2024.
Within APAC, India emerged as the most targeted country with 761 claimed attacks, followed by Indonesia with 614, Taiwan with 281, Thailand with 220, and Bangladesh with 188. The report identifies government institutions as the most commonly targeted group among hacktivists in the region, accounting for 17% of the activity. This was followed by the education sector at 12% and the finance sector at 9%.
The threat actor known as Executor DDoS was the most active in APAC, laying claim to 513 DDoS attacks. This was followed by RipperSec with 467 attacks and NoName057(16) with 362 attacks.
Industry perspectives
The findings reflect broader industry concerns regarding the increasing complexity of cyberattacks and the involvement of AI, which is perceived as reducing the technical barrier of entry for attackers and enabling more frequent and complex campaigns. As the threat landscape evolves, the need for adaptable and advanced defensive strategies is highlighted across affected sectors such as service providers, technology, gaming, manufacturing, telecoms, and energy.
Radware's intelligence underscores the ongoing challenges facing APAC organisations as they address the growing risks and implement strategies aimed at safeguarding their digital operations against a changing backdrop of cyber threats.