The environmental services industry saw an “unprecedented surge” in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic.
Web infrastructure and security company Cloudflare said in its DDoS threat report for 2023 Q4 published last week that it shows a 61,839% increase in DDoS attack traffic year-over-year.
“This increase in cyber attacks coincided with COP 28, which ran from November 30 to December 12, 2023,” security researchers Omer Yoachimik and Jorge Pacheco said, calling it a “troubling trend in the cyber threat landscape.”
The increase in HTTP attacks targeting environmental service websites is part of a larger trend seen annually over the past few years, particularly during COP 26 and COP 27, as well as other UN environment-related resolutions or declarations.
“This recurring pattern underscores the growing interconnectedness between environmental issues and cybersecurity, a nexus that is increasingly becoming a focal point for attackers in the digital age,” the researchers said.
Despite the environmental services sector becoming a new target in Q4 2023, the cryptocurrency industry remains the primary casualty in terms of volume of HTTP DDoS attack requests.
With over 330 billion HTTP requests targeted, the attack traffic represented more than 4% of all HTTP DDoS traffic for the quarter. Gaming and gambling and telecommunications emerged as the second and third most attacked industries.
At the other end of the spectrum are the US and China, which are acting as the main sources of HTTP DDoS attack traffic. It is worth noting that the US has been the largest source of HTTP DDoS attacks for five consecutive quarters since the fourth quarter of 2022.
“Together, China and the US are responsible for slightly more than a quarter of all HTTP DDoS attack traffic in the world,” the researchers said. “Brazil, Germany, Indonesia and Argentina account for the next 25%.”
The development comes amid a massive onslaught of DDoS attacks targeting Palestinian banking, information technology (IT) and internet platforms following the Israel-Hamas war and the beginning of Israel’s counter-offensive codenamed Operation Iron Swords.
The percentage of DDoS attack traffic targeting Palestinian websites grew by 1,126% quarter-over-quarter, Cloudflare said, adding DDoS attack traffic targeting Taiwan registered a 3,370% growth amid the Taiwanese presidential elections and rising tensions with China.
Akamai, which also published its own retrospective on DDoS Trends in 2023, said “DDoS attacks became more frequent, longer, highly sophisticated (with multiple vectors), and focused on horizontal targets (attacking multiple IP destinations in the same attack event).”
The findings also follow a report from Cloudflare about the growing threat posed by unmanaged or unsecured API endpoints, which could enable threat actors to exfiltrate potentially sensitive information.
“HTTP anomalies – the most frequent threat to APIs – are common signs of malicious API requests,” the company said. “More than half (51.6%) of traffic errors from API origin included the ‘429’ error code: ‘Too many requests.'”