How Are Threat Actors Innovating DDoS Attacks?

Image provided by pixabay

This post is also available in: עברית (Hebrew)

Although research has shown a decline in DDoS attacks during the first half of 2022, it was quite short lived. During the second half of 2022, malicious cyber-attacks have increased tremendously, reaching nearly 13 million in numbers.

Certainly, the rise in internet usage and digital connectivity has broadened the cyber landscape that criminals can abuse.

Not only has the number of attacks increased, but so has their operational complexity, with cyber criminals constantly working toward developing new and innovative ways to launch attacks against victims.

Instead of simply being content with deploying the same, basic DDoS attacks, threat actors are utilizing new, innovative types of DDoS attacks, creating a shifting paradigm, at the center of which are direct-path attacks.

Direct-path attacks are growing at an alarming rate. These types of attacks surged in 2022, making up roughly half of all DDoS attacks. In fact, over the last three years, they have increased by 18% while, during the same period of time, traditional reflection/amplification attacks decreased by a similar amount, highlighting the need for organizations to implement a hybrid defense approach to weather fluctuating attack methodologies.

Additionally, with there now being over one billion websites worldwide, there has been a surge in DDoS attacks targeting websites – as evidenced by a 487% increase in HTTP/HTTPS application-layer attacks since 2019.

The most significant escalation came during the second half of 2022 when pro-Russian groups such as KillNet explicitly launched attacks targeting websites. Attacks of this nature have coincided with the war between Russia and Ukraine, forcing critical financial, government, and media sites offline, according to