Web DDoS Tsunami Attack
2023-07-14The cyber security world is in turmoil. A new generation of HTTPS DDoS attacks are disrupting the market, bypassing organizations’ DDoS protection and WAF solutions.
A Web DDoS Tsunami attack is an evolved type of HTTP DDoS Flood cyberattack that is sophisticated, aggressive and very difficult to detect and mitigate without blocking legitimate traffic.
Web DDoS Tsunami attacks were developed during the new era of hacktivist activity sparked by Russia’s invasion of Ukraine on February 24, 2022. Attack tactics began with high-volume network-based Flood attacks. Later, they evolved to more sophisticated multi-vector application-level attacks that are hard to detect and mitigate.
These are sophisticated botnets and tools to launch cyber terrorism and agenda-driven attacks around the world. In a period spanning just two months, from February 18 to April 18, 2023, over 1,800 DoS (denial-of-service) attacks were claimed by hacktivists across 80 Telegram channels. These attacks are high in RPS (Requests Per Second) and sophisticated in behaviour, masquerading as legit traffic and going unnoticed upon decryption, as per the report of Radware Blog post.
These cyberattacks focus on denial of service and the defacement of websites around the world. Targets includes: Hospitals, Airports, Utilities, Government, Media and Financial services.
These Web DDoS Tsunami attacks combine application layer attack vectors, leveraging new tools to create sophisticated attacks that are harder—and sometimes impossible—to detect and mitigate with traditional methods.
The property of this is, they leverage sophisticated evasion techniques to bypass traditional app protections, such as randomizing HTTP methods, headers and cookies. They impersonate popular embedded third-party services and spoof IPs and other key targets. Application-level attack methods include HTTPS Get, Push and Post request attacks with changing parameters behind proxies and dynamic IP attacks. All look like legitimate requests.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.