The content delivery network and security company, Cloudflare, revealed its latest State of Application Security Report, highlighting some concerning hazards to the internet.
It stated that 6.8% of internet traffic is malicious, a 1% increase from last year’s study. The company believes this increase is due to the ongoing war and elections, like the attack on Western-interest websites inflicted by pro-Russian hacktivist groups.
These attacks are happening at an alarming rate, which is relatively faster than the time it takes for a company to read its security advisory and fix the security patches.
Furthermore, the report highlighted the attacks on the old and known vulnerabilities, causing a staggering increase in zero-day exploits.
It also disclosed that cybercriminals prefer Distributed Denial of Service (DDoS) attacks, which make up 37% of all mitigated traffic. In the first quarter of 2024, Cloudflare blocked 4.5 million unique DDoS attacks, which is almost a third of all the attacks incurred last year.
Alongside the volume of attacks, the severity of attacks is also increasing. Last August, Cloudflare helped fight a massive HTTP/2 Rapid Reset DDoS attack that caused 201 million requests per second (RPS). Similarly, Google Cloud has reported an attack that peaked at 398 million RPS.
The report indicated that, with 60% of dynamic web traffic being API-related, APIs are at huge risk of cyberattacks.
Moreover, 38% of all HTTP requests processed by Cloudflare are considered automatic bot traffic, while 93% of bots are potentially risky or useless.
So, to protect your website from these attacks, you must leverage security services from Cloudflare and its alternatives. You can also seek assistance from software supply chain security companies to protect your code.
