DUBLIN: Recent months have seen a surge in attempted direct denial of service (DDoS) cyber-attacks, according to web security business Cloudflare.

In a report covering the second quarter of 2023, Cloudflare analysts said they had found "an alarming uptick in highly-randomized and sophisticated HTTP DDoS attacks over the past few months," suggesting the technique, once the preserve of "state-level and state-sponsored threat actors," is being more widely used by criminals.

DDOS is an old-school cyber warrior tactic that tries to take down websites by bombarding them with more hits than they can handle, leaving them inaccessible, much as a traffic jam leaves a truck driver unable to get to his or her delivery drop, according to US-based Cloudflare.

However, the newer and more widespread DDoS attacks appear subtler than the bulldozer-style approach deployed in the past by state actors, having been "deliberately engineered" by the "threat actors" to get around defences by "adeptly imitating browser behavior very accurately." This could mean that internet users might soon have to do more than click through so-called recaptcha forms and similarly-tedious and time-consuming measures, which are designed to fend off the bot-swarming that DDoS typically entails.

State-run or backed DDoS attacks are still likely, however, with Cloudflare citing threats by "pro-Russian hacktivist groups" to take down the SWIFT (Society for Worldwide Interbank Financial Telecommunication) system that facilitates cross-border transactions, from which seven Russian banks were removed as part of sanctions imposed in retaliation for the country's invasion of Ukraine in 2022.

While IT and related services saw the most attacks worldwide, the gaming and gambling industry was Europe's worst-hit sector, Cloudflare said, followed by hospitality and broadcast media.

Around 40% of the Europe-focused attacks came from within the continent, the report showed. – dpa