DDoS Attacks in 2024 Q2

Mlytics SOC Engineers
Published in Mlytics
5 min read · Jun 27, 2024

Hello, dear fellow cyber warriors! Imagine waking up to find your favorite website is down, not just for a few minutes, but for two relentless days because of a DDoS attack. Fortunately, that is not the case for us. Today, we are diving deeper into the digital trenches, exploring the biggest and most sophisticated DDoS attacks we have faced in 2024 so far and how we have geared up to tackle them head-on.

The Biggest DDoS Attack of 2024 (So Far)

Figure: Maximum requests that Mlytics SOC has handled for a single domain.

Let’s start with the jaw-dropping highlight of the year. The most colossal Layer 7 DDoS attack we’ve encountered in 2024 hit us with an overwhelming force of 32 million requests per minute (RPM) and 800 million requests per hour (RPH). This digital tsunami started on June 12th and peaked on June 15th, lasting for five relentless days and targeting a single domain. The intensity and duration of this attack were off the charts, pushing our defenses to their absolute limits.

As Q2 wrapped up, we also noticed several spikes in hit-and-run DDoS attacks. These attacks, although smaller in scale, were frequent and unpredictable. They may not have had the same raw power as the massive assault we faced earlier, but their erratic nature kept us on our toes. The graph above shows the maximum RPM and RPH for single domains that Mlytics SOC has faced, highlighting these sporadic yet potent attacks.

These kinds of attacks aren’t just numbers; they could impact businesses, disrupt services, and even lead to significant financial losses if we don’t handle them properly.

The Role of AI in Modern DDoS Attacks

Just as we predicted in our previous article published in early 2024, “Predicting DDoS Attacks in 2024” [1], this year, we have seen a noticeable uptick in AI-driven attacks. These sophisticated assaults are particularly menacing because AI allows them to adapt and evolve constantly, making manual blocking efforts increasingly difficult. This is also supported by recent research, which shows that 93% of security leaders expect to face daily AI-driven attacks, showing how prevalent and sophisticated these threats have become [2].

Below is a simple example of how AI can be used in modern attacks: the same source sends requests using different User Agents within a short time frame. This tactic might be used to bypass security measures that block specific User Agents or apply rate-limiting based on User Agents.

Example of an AI-driven DDoS attack where the same source uses different User Agents in rapid succession to evade security measures.
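One way to detect the pattern described above from access logs, as an added example that is not Mlytics' own detection logic: a per-source sliding window that counts distinct User Agents. The log format (combined log format, time-ordered), the 10-second window, the threshold of 3 and the sample lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in combined log format; IPs are documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [15/Jun/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/125.0"
198.51.100.20 - - [15/Jun/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Macintosh) Safari/17.4"
203.0.113.7 - - [15/Jun/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/126.0"
203.0.113.7 - - [15/Jun/2024:10:00:02 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (iPhone) Safari/17.4"
198.51.100.20 - - [15/Jun/2024:10:00:03 +0000] "GET /a HTTP/1.1" 200 90 "-" "Mozilla/5.0 (Macintosh) Safari/17.4"
203.0.113.7 - - [15/Jun/2024:10:00:03 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Android 14) Chrome/125.0"
203.0.113.7 - - [15/Jun/2024:10:00:04 +0000] "GET / HTTP/1.1" 200 512 "-" "curl/8.7.1"
192.0.2.44 - - [15/Jun/2024:10:00:05 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/125.0"
192.0.2.44 - - [15/Jun/2024:10:01:30 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/126.0"
"""

# ip, timestamp and User-Agent are the only fields this check needs.
LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" \d{3} \S+ "[^"]*" "([^"]*)"$')


def rotating_ua_sources(log_text, window=timedelta(seconds=10), max_distinct=3):
    """Return {ip: peak distinct User-Agent count} for every source that used
    more than `max_distinct` User Agents inside any `window`-long interval.
    Assumes the log lines are in time order."""
    recent = defaultdict(deque)  # ip -> deque of (timestamp, user_agent)
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not in the expected format
        ip, ts_raw, ua = m.groups()
        ts = datetime.strptime(ts_raw, "%d/%b/%Y:%H:%M:%S %z")
        q = recent[ip]
        q.append((ts, ua))
        # Evict requests that have fallen out of the sliding window.
        while ts - q[0][0] > window:
            q.popleft()
        distinct = len({agent for _, agent in q})
        if distinct > max_distinct:
            flagged[ip] = max(flagged.get(ip, 0), distinct)
    return flagged


if __name__ == "__main__":
    print(rotating_ua_sources(SAMPLE_LOG))
```

Several clients behind one NAT address can legitimately present a handful of User Agents, so the count is better used as one signal that feeds rate limiting or a challenge than as a block rule on its own.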

But here’s the good news: at Mlytics SOC, we have been prepping for this shift. We have automated several critical tasks, making our DDoS handling more efficient and reducing the impact of these attacks by about 90%. This initiative includes automating the isolation of attacks and leveraging our CDN orchestration mechanism [3] to reroute traffic to a less expensive CDN with the global capacity to absorb volumetric attacks. This ensures that we handle the attacks effectively while managing costs efficiently.

Strengthening Our Defenses

In our previous article, “Will I be replaced by AI?” [4], we also emphasized the importance of collaboration between SOC teams and AI. This synergy has proven invaluable in our ongoing battle against DDoS threats. By combining human expertise with AI’s adaptive capabilities, we have enhanced our mitigation strategies, making them faster and more cost-effective.

Here’s a closer look at how we fortify our defenses:

Figure: Notification of the successful automated isolation of a DDoS attack in Mlytics SOC.

  1. Automated Isolation: As soon as an attack is detected, our systems automatically isolate the affected domains, ensuring our customers’ services remain available.
  2. Traffic Rerouting: Our CDN orchestration mechanism dynamically reroutes traffic to ensure optimal performance and cost-efficiency during an attack.
  3. Enhanced Detection Systems: Our detection systems utilize AI and machine learning to distinguish between legitimate traffic and malicious activity with greater precision.
  4. Regular Security Audits and Updates: We continuously assess and update our security protocols to stay ahead of emerging threats.
  5. Staff Training: We regularly educate our team on the latest threats and best practices to ensure a well-informed and prepared workforce.

The Future of DDoS Defense

Looking ahead, the collaboration between SOC teams and AI will continue to be a game-changer in DDoS mitigation. The evolving nature of cyber threats demands that we stay one step ahead, continuously refining our strategies and leveraging the latest technologies to protect our digital landscape.

As we move forward, the synergy between advanced AI systems and experienced SOC teams will be crucial. We must stay informed about the latest developments in AI and cybersecurity, participate in ongoing training, and adopt cutting-edge solutions that enhance our defensive posture. By fostering a culture of continuous improvement and collaboration, we can ensure that our defenses are not just reactive but proactive, ready to counter any threat that comes our way.

So, stay alert, stay informed, and keep your defenses strong. The battle against DDoS attacks is ongoing, but we can make a difference together. If you are looking for comprehensive DDoS protection for your web application, feel free to reach out to us at Mlytics. We are here to help you fortify your defenses and ensure the resilience of your digital assets [5].

References

[1] Mlytics SOC. (2024). Predicting DDoS Attacks in 2024. https://medium.com/@alerts_75775/predicting-ddos-attacks-in-2024-5f022e5bd92f

[2] Netacea. (2024). Cyber security in the age of offensive AI. https://netacea.com/reports/cyber-security-in-the-age-of-offensive-ai/

[3] Mlytics. (n.d.). What is DEM Analytics? Retrieved June 20, 2024, from https://help.mlytics.com/en/knowledge/what-is-dem-analytics

[4] Mlytics. (2024, June 19). Will I be replaced by AI? Medium. https://medium.com/mlytics/will-i-be-replaced-by-ai-bf906586fbe9

[5] Mlytics. (n.d.). DDoS Protection. Mlytics. Retrieved June 21, 2024, from https://www.mlytics.com/features/ddos-protection/
