According to Cloudflare, in the first quarter of 2023, the organizers of hyper-volumetric DDoS attacks switched from using compromised IoT devices to using hacked VPS. This makes it faster and easier for attackers to build high-performance botnets that are up to 5,000 times more powerful than IoT-based botnets. Volumetric attacks focus on sending as many unwanted HTTP requests as possible to the victim’s server in order to overload its CPU and RAM, preventing users from accessing the target sites. Cloud solution providers offer virtual private servers (VPS) that enable startups and companies to create efficient applications, but they can also be used to create powerful botnets. Cloudflare is working with cloud providers and partners to combat new VPS threats and has already managed to destroy a significant part of the new botnets.
Ransomware DDoS attacks increased by 60% in the first quarter of this year, accounting for 16% of all reported incidents. Affected countries included Israel, the United States, Canada and Turkey, with Internet services, marketing companies, software development, gaming and gambling sectors being the most targeted. The largest attack recorded by Cloudflare this quarter exceeded 71 million requests per second, while another notable incident was a 1.3 terabits per second DDoS attack against an unnamed South American telecommunications provider. Most of the attacks (86.6%) lasted less than 10 minutes and 91% did not exceed 500 Mbps. However, the number of large-scale attacks exceeding 100 Gb/s is growing, increasing by about 6.5% compared to the previous quarter.
