Rise of malicious web application attacks


MAHWAH, NJ, March 10, 2022 (GLOBE NEWSWIRE) — Radware® (NASDAQ: RDWR), a leading provider of cybersecurity and application delivery solutions, today released its 2021-2022 Global Threat Analysis Report. The report’s findings highlight that 2021 will be the year of the attack on web applications. Between 2020 and 2021, the number of malicious web application requests increased by 88%, more than double the year-over-year growth rate of distributed denial-of-service (DDoS) attacks, which increased 37% compared to 2020.

The unprecedented rise in web application attacks, however, hasn’t stopped DDoS from making a name for itself in 2021. The report details how the past year has seen several record-breaking DDoS attacks and ransom denial-of-service (RDoS ) earn its place in the threat landscape. At the same time as large attacks are making headlines, the volume of micro-floods, often undetected attacks, has increased by almost 80% compared to 2020.

“Statistics tell a story of bad actors. They become smarter, more organized and more focused in pursuing their goals, whether for money, fame or a political cause,” said Pascal Geenens, Director of Threat Intelligence at Radware. “In addition, cybercriminals are changing their attack patterns from exploiting larger attack vectors to combining multiple vectors into more complex campaigns to mitigate. Ransomware operators and their affiliates, which now include DDoS actors for hire, work with a whole new level of professionalism and discipline – something we’ve never seen before.

Radware’s 2021-2022 Global Threat Analysis Report reviews the most significant cybersecurity events in 2021 and provides detailed information on DDoS attack and web application developments, as well as security trends. unsolicited network analysis. Key takeaways from the report include:

  • Cloud-scale DDoS attacks are in the forecast: As more enterprises migrate critical resources and applications to the public cloud, attackers are adapting their tactics and techniques to match the scale of public cloud providers. While businesses shouldn’t be immediately alarmed by reports of massive attacks, they should be aware that DDoS attacks are part of their threat landscape, regardless of geography or industry. Companies that host services in the public cloud must be prepared for cloud-scale attacks.
  • Ransom DoS (RDoS) gangs support: In 2020, there was an increase in DDoS attacks against organizations that failed to pay a ransom demand on time. In 2021, RDoS confirmed its ubiquitous presence in the DDoS threat landscape with several campaigns. This included attacks targeting VoIP providers around the world, which raised concerns for critical infrastructure.
  • Ransomware operators turn to triple extortion: In 2021, more sophisticated and better organized operators have improved their tactics, adding more extortion capabilities to their arsenal. To bring reluctant victims back to the negotiating table, they launched triple extortion campaigns by combining not only crypto-locking and data leaks, but also DDoS attacks. As a result, the thriving underground economy backed by ransomware operators is seeing new demand for DDoS services for hire.
  • Micro-floods put on a big show: While the number of large attack vectors (greater than 10 Gbps) decreased by 5% between 2020 and 2021, micro-floods (less than 1 Gbps) and application-level attacks increased by almost 80%. By cleverly combining large numbers of micro-floods over longer periods of time, attackers put organizations at greater risk of having to constantly increase infrastructure resources, such as bandwidth and network and server processing, up to until the service becomes prohibitive.

Other key findings from the 2021-2022 Global Threat Analysis Report include:

DDoS attacks
In 2021, the number of malicious DDoS events increased by 37% per customer compared to 2020. Europe, the Middle East and Africa (EMEA) and the Americas each accounted for 40% of the attack volume in 2021, while the Asia-Pacific region accounted for 20%.

Average DDoS attack volumes in 2021 per customer increased by 26% in 2021 compared to 2020.

The most attacked sectors in 2021 were gaming and retail, each accounting for 22% of attack volume on a normalized basis. These two industries were followed by government (13%), healthcare (12%), technology (9%) and finance (6%).

Web application attacks
The number of malicious web application requests increased by 88% between 2020 and 2021. Broken access control and injection attacks accounted for over 75% of web application attacks.

The most attacked sectors in 2021 were banking and finance, as well as SaaS providers, together accounting for more than 28% of web application attacks. The retail and high-tech sectors ranked third and fourth, each with nearly 12% of web security events, followed by manufacturing (9%), government (6%), carriers ( 6%) and transportation (5%).

Radware’s full 2021-2022 Global Threat Analysis Report can be downloaded here. The report leverages intelligence provided by network and application attack activity from Radware’s cloud and managed services, Global Deception Network, and Threat Research team.

About Radware
Radware® (NASDAQ: RDWR) is a global leader in cybersecurity and application delivery solutions for physical, cloud and software-defined data centers. Its award-winning portfolio of solutions secures the digital experience by providing enterprise IT infrastructure, applications and protection, and availability services to enterprises worldwide. Radware’s solutions enable businesses and operators around the world to quickly adapt to market challenges, maintain business continuity, and achieve maximum productivity while reducing costs. For more information, please visit the Radware website.

Radware encourages you to join our community and follow us on: Facebook, LinkedIn, Radware Blog, Twitter, YouTube and Radware Mobile for iOS and Android.

©2022 Radware Ltd. All rights reserved. All Radware products and solutions mentioned in this press release are protected by trademarks, patents, and pending patent applications of Radware in the United States and other countries. For more details, please see: https://www.radware.com/LegalNotice/. All other brands and names are the property of their respective owners.


Radware believes that the information contained herein is accurate in all material respects as of the date of its publication. However, the information is provided without any express, statutory or implied warranty and is subject to change without notice.

The content of any website or hyperlink mentioned in this press release is for informational purposes only and its content does not form part of this press release.

Safe Harbor Statement
This press release contains “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995. -see the statements. Generally, forward-looking statements can be identified by words such as “believes”, “expects”, “anticipates”, “intends”, “estimates”, “plans” and similar expressions or future or conditional verbs such as “will”, “should”, “should”, “may”, and “might”. For example, when we say that attackers combine multiple vectors into more complex campaigns to ransomware and their affiliates, which now include DDoS actors for hire, are working with a whole new level of professionalism, we are using a forward-looking statement.As these statements address future events, they are subject to various risks and uncertainties, and the actual results, expressed or implied by these forward-looking statements, could differ materially from Radware’s current expectations and estimates. these include, but are not limited to: the impact of global economic conditions and market volatility for our products; natural disasters and public health crises, such as the coronavirus disease 2019 (COVID-19) pandemic; our ability to successfully implement our strategic initiative to accelerate our cloud business; our ability to effectively expand our operations; the timely availability and customer acceptance of our new and existing solutions; risks and uncertainties related to acquisitions or other investments; the impact of economic and political uncertainties and weaknesses in various regions of the world, including the onset or escalation of hostilities or acts of terrorism; intense competition in the cybersecurity and application delivery solutions market and in our industry generally, and changes in the competitive landscape; changes in government regulations; failures, interruptions or delays in the hosting services or our internal network system; compliance with open source and third-party licenses; the risk that our intangible assets or goodwill will be impaired; our reliance on independent distributors to sell our products; long sales cycles for our solutions; changes in currency exchange rates; undetected defects or errors in our products or failure of our products to protect against malicious attacks; component availability and manufacturing capacity; the ability of suppliers to supply our hardware platforms and components for our major accessories; our ability to protect our proprietary technology; intellectual property infringement claims made by third parties; changes in tax laws; our ability to achieve our investment objectives for our cash and liquid investments; our ability to attract, train and retain highly qualified personnel; and other factors and risks over which we have little or no control. This list is intended to identify only some of the major factors that could cause actual results to differ. For a more detailed description of the risks and uncertainties affecting Radware, see Radware’s Annual Report on Form 20-F filed with the Securities and Exchange Commission (SEC) and other risk factors discussed from time to time by Radware in reports filed with, or provided to, the SEC. Forward-looking statements speak only as of the date they are made and, except as required by applicable law, Radware does not undertake to revise or update any forward-looking statement to reflect new events or circumstances after the date on which such declaration is made. Radware’s public filings are available on the SEC’s website at www.sec.gov or may be obtained from Radware’s website at www.radware.com.

Media contacts:
Gerri Dyrek
[email protected]


Comments are closed.