Page 158 - Cyber Defense eMagazine October 2023
P. 158
Understanding the Escalating Threat of Web
DDoS Tsunami Attacks
By Uri Dorot, Senior Security Solutions Lead at Radware
Whether it’s hacktivists conducting cyberwarfare or ransom-seeking criminals targeting vulnerable firms
in financial services, retail, energy, or transportation, a new breed of destructive distributed denial of
service (DDoS) attack – the Web DDoS Tsunami – is wreaking havoc around the world. These attacks
aren’t settling for intense (but transient) bursts of simple pings or flooding ports at layer 3 or layer 4.
Instead, they’re scaling up in volume and intensity. Think: millions of encrypted requests per second
(RPS) at layer 7 (L7). To understand Web DDoS Tsunami attacks, let’s consider four basic dimensions:
• Attack volume – The past few months have seen several attacks with RPS rates reaching 10
million – a dramatic escalation. This rise in Web DDoS Tsunamis can quickly overwhelm
traditional web application firewalls (WAF) and DDoS protection solutions. What’s more,
sophisticated and expensive L7 infrastructures present greater challenges when it comes to
mitigating these attacks. Only high-capacity L7 entities (web proxies and others) and highly
architected and ruggedized protection infrastructures can successfully withstand and defend
against these attack volumes.
• Attack duration – While some infamous ultra-high RPS (millions) attacks have lasted less than
a minute, other recent Web DDoS Tsunami attacks have continued many hours or even days
under multiple attack waves. In many instances, the attack erupts into “full power” in less than 10
Cyber Defense eMagazine – October 2023 Edition 158
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.