In its latest State of Application Security Report, Cloudflare reports that 6.8% of Internet traffic is malicious.
Cloudflare, a provider of content delivery network and security services, believes that the increase is due to wars and elections. For example, many attacks against Western-interest websites come from pro-Russian hacktivist groups such as REvil, KillNet and Anonymous Sudan.
Distributed Denial of Service (DDoS) attacks continue to be the weapon of choice for cybercriminals, accounting for over 37% of all mitigated traffic.
The scale of these attacks is staggering. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique DDoS attacks. This total is nearly a third of all DDoS attacks mitigated in the previous year. But it is not just the sheer volume of DDoS attacks that is growing; their sophistication is also increasing. Just last August, Cloudflare fended off a massive HTTP/2 Rapid Reset DDoS attack that peaked at 201 million requests per second (RPS). This number is three times higher than any attack seen in the past.
The report also highlights the increased importance of API security. With 60% of dynamic web traffic now related to APIs, these interfaces are a prime target for attackers. API traffic is growing twice as fast as traditional web traffic. What's worrying is that many organizations seem to be unaware of a quarter of their API endpoints. Organizations that do not have tight control over their web services or website APIs may not be able to protect themselves from attackers.
Data shows that an average enterprise application now uses 47 third-party scripts and connects to nearly 50 third-party destinations. Every connected script is a potential security risk.
Finally, approximately 38% of all HTTP requests processed by Cloudflare are classified as automated bot traffic. Some bots are good and provide a necessary service, such as customer service chatbots or authorized search engine crawlers. However, up to 93% of bots are potentially malicious.