- Blocked DDoS events up 75% in the first nine months of 2021 compared to 2020
- Blocked web application security events doubled every quarter in 2021
- Web application security violations align with the OWASP Foundation's new 2021 top 10 list
- Industries witnessing the most DDoS attacks: technology, healthcare, communications
Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, has published results from its Q3 DDoS and Application Attack Report. The report provides an overview of the DDoS attack landscape, application attack developments, and unsolicited network scanning trends. The data for the report analyzes network and application attack activity sourced from Radware's cloud and managed services, and Radware's Global Deception Network.
"More DDoS attacks were blocked during the first nine months of 2021 than all of 2020," said Pascal Geenens, director of threat intelligence for Radware. "During the third quarter, DDoS records for large volumetric attacks were broken across three continents. At the same time, phantom floods, or micro attacks that typically fly below the radar, increased. The reality is organizations need more granular detection and multi-layer defenses to protect against stealthier and more complex DDoS attacks."
DDoS Attacks Rise
The number of malicious events blocked by Radware's DDoS mitigation solution was up 75% during the first nine months of 2021 compared to the same period in 2020. And the total volume blocked in the first nine months of 2021 was 44% higher than the same period in 2020.
Although the total number of events per company for the third quarter was slightly below previous quarters in 2021, the number stayed above the highest quarterly level recorded in 2020.
Web Application Attacks Double
The most attacked industry in the third quarter was technology, with an average of 2,638 attacks per company, followed by healthcare (1,785 attacks per company), communications (1,525 attacks per company), and finance (1,337 attacks per company).
Web application attacks based on known vulnerabilities and techniques are ramping up quickly. The number of blocked web security events per company doubled every quarter for the first three quarters of 2021.
The third quarter of 2021 accounted for 2.1 million blocked security events per company per quarter, or an average of 700,000 blocked security events per month per company.
Predictable resource location attacks, the most important security violation in the third quarter, was witnessed twice as often as SQL injection, the second-most violation, followed by code injection attacks and cross-site scripting attacks. The top two violations reported in the third quarter are aligned with the top web application security concerns as reported in the OWASP Foundation’s recently published 2021 top 10 list.
Unsolicited Network Scanning and Attack Activity Surges
In the third quarter of 2021, the most attacked industry was banking and finance, which accounted for almost 23% of blocked web security events, followed by government (16%), technology (15%), and retail and wholesale trading (12%).
Third quarter unsolicited scanning activity as recorded by Radware’s Global Deception Network peaked at 27 million events per day, representing the second highest level during 2021.
According to Geenens, "Network scanning and attack activity was marked by opportunistic and random scanning that constitutes a large part of the vulnerability and exploit threat landscape. Malicious actors continuously leverage old and freshly disclosed vulnerabilities such as remote command execution and command injection exploits that are easy to integrate into existing malware and exploit tools. Along with the evolution in cloud resources and services, there is no more hiding on the internet. Every deep corner of the internet gets inventoried in convenient IoT search engines."
Radware's complete Q3 DDoS and Application Attack Report can be downloaded here.
Radware® (NASDAQ: RDWR) is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally. Radware's solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down. For more information, please visit the Radware website.
Radware encourages you to join our community and follow us on: Facebook, LinkedIn, Radware Blog, Twitter, YouTube, and Radware Mobile for iOS and Android.
©2021 Radware Ltd. All rights reserved. Any Radware products and solutions mentioned in this press release are protected by trademarks, patents, and pending patent applications of Radware in the U.S. and other countries. For more details, please see: https://www.radware.com/LegalNotice/. All other trademarks and names are property of their respective owners.
THIS PRESS RELEASE AND THE RADWARE Q3 DDOS AND APPLICATION ATTACK REPORT ARE PROVIDED FOR INFORMATIONAL PURPOSES ONLY. THESE MATERIALS ARE NOT INTENDED TO BE AN INDICATOR OF RADWARE'S BUSINESS PERFORMANCE OR OPERATING RESULTS FOR ANY PRIOR, CURRENT, OR FUTURE PERIOD.
Radware believes the information in this document is accurate in all material respects as of its publication date. However, the information is provided without any express, statutory, or implied warranties and is subject to change without notice.
The contents of any website or hyperlinks mentioned in this press release are for informational purposes and the contents thereof are not part of this press release.
Safe Harbor Statement
This press release includes "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. Any statements made herein that are not statements of historical fact, including statements about Radware's plans, outlook, beliefs, or opinions are forward-looking statements. Generally, forward-looking statements may be identified by words such as "believes," "expects," "anticipates," "intends," "estimates," "plans," and similar expressions or future or conditional verbs such as "will," "should," "would," "may," and "could." For example, when we say that organizations need more granular detection and multi-layer defenses to protect against stealthier and more complex DDoS attacks, we are using a forward-looking statement. Because such statements deal with future events, they are subject to various risks and uncertainties, and actual results, expressed or implied by such forward-looking statements, could differ materially from Radware’s current forecasts and estimates. Factors that could cause or contribute to such differences include, but are not limited to: the impact of global economic conditions and volatility of the market for our products; natural disasters and public health crises, such as the coronavirus disease 2019 (COVID-19) pandemic; our ability to expand our operations effectively; timely availability and customer acceptance of our new and existing solutions; risks and uncertainties relating to acquisitions or other investments; the impact of economic and political uncertainties and weaknesses in various regions of the world, including the commencement or escalation of hostilities or acts of terrorism; intense competition in the market for cyber security and application delivery solutions and in our industry in general, and changes in the competitive landscape; changes in government regulation; outages, interruptions or delays in hosting services or our internal network system; compliance with open source and third-party licenses; the risk that our intangible assets or goodwill may become impaired; our dependence on independent distributors to sell our products; long sales cycles for our solutions; changes in foreign currency exchange rates; undetected defects or errors in our products or a failure of our products to protect against malicious attacks; the availability of components and manufacturing capacity; the ability of vendors to provide our hardware platforms and components for our main accessories; our ability to protect our proprietary technology; intellectual property infringement claims made by third parties; changes in tax laws; our ability to realize our investment objectives for our cash and liquid investments; our ability to attract, train, and retain highly qualified personnel; and other factors and risks over which we may have little or no control. This list is intended to identify only certain of the principal factors that could cause actual results to differ. For a more detailed description of the risks and uncertainties affecting Radware, refer to Radware's Annual Report on Form 20-F, filed with the Securities and Exchange Commission (SEC) and the other risk factors discussed from time to time by Radware in reports filed with, or furnished to, the SEC. Forward-looking statements speak only as of the date on which they are made and, except as required by applicable law, Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware's public filings are available from the SEC's website at www.sec.gov or may be obtained on Radware's website at www.radware.com.