Cloudflare Hints at Possible Rise in Gambling-Targeted DDoS Attacks

Posted on: November 3, 2023, 07:48h. 

Last updated on: November 4, 2023, 12:12h.

A recent report by Cloudflare suggests that gambling and betting operators should tighten their online security measures. The DDoS threat report for 2023 Q3 indicates that November and December could experience a surge in denial-of-service (DDoS) attacks.

A mockup of a laptop showing a DDoS attack alert
A mockup of a laptop showing a DDoS attack alert. A new report warns that an increase in attacks could target the gambling space. (Image: Getty Images)

Cloudflare’s analysis indicates that the prevalence of Hypertext Transfer Protocol (HTTP) DDoS attacks has increased for gambling and betting companies in Q3. This resulted in the segment surpassing the number experienced by cryptocurrency companies. These attacks specifically target HTTP Internet infrastructure, including servers for mobile applications, eCommerce websites, and API gateways.

According to recent research, which builds on a report from earlier this year, there has been a notable surge in HTTP DDoS attacks across the latter half of the year. This has led to a 15% increase compared to the number of attacks from Q2. The current quarter has witnessed a 65% rise in comparison.

This, according to Cloudflare, amounts to 8.9 trillion HTTP DDoS requests that the online content delivery and cybersecurity firm successfully detected and countered. The substantial increase already recorded in Q4 suggests more attacks may be coming.

Gaming Operators Beware

Cloudflare asserts that gambling and gaming companies recorded the largest absolute volume (5%) of HTTP DDoS attacks, putting the segment ahead of the cryptocurrency ecosystem. It also points out that this figure is relative. Cloudflare explains that the gambling and gaming segment has so much constant traffic that its volume is, by default, higher than most.

As a result, the industry with the highest relative penetration of attacks, at 17.46%, was Mining and Metals. Nonprofits follow it with 17.41%.

That doesn’t mean that gambling operators can be complacent. Across the globe, attacks continue, and new technology makes them easier to launch.

Botnets are becoming more sophisticated, enabling a greater number of attacks. Cloudflare explains that they’re taking advantage of cloud computing platforms to become stronger, allowing them to create 5,000x more power per botnet node.

Cloudflare’s own network was the biggest botnet DDoS target during a two-month attack that began in August, accounting for 19% of the attacks. Gaming companies were right behind with 18%.

US Leads as Attack Source

The study also revealed that around 36% of Layer 3 and 4 (network layer and transport layer, respectively) DDoS attack traffic during the third quarter originated within the US. A substantial portion of L3/4 DDoS attack traffic, around 35% in terms of bytes, set its sights on the IT sector and the internet industry.

In terms of rankings, Germany trails right behind, securing the second spot with 8%. The UK comes in third place with nearly 5%.

Furthermore, the investigation revealed a prevalent trend of DNS-based DDoS attacks during the latter half of the annual cycle. It’s noteworthy that DNS (Domain Name Server) accounts for nearly half — specifically 47% — of all assaults, signifying a notable amplification of 44% in comparison to the previous 10 years.

No Region Safe from Attack

The data shows that no geographic region is safe from attacks. In Africa, media production companies were the primary target, followed by financial and insurance companies in second, and gaming and gambling in third.

In Asia, DDoS attackers still prefer targeting the cryptocurrency space. However, the gaming and gambling group is in second place.

Europe’s gaming and gambling segment was the leader in the region. Next were retail companies in second, and computer software companies in third.

In Latin America, the prevalent industry for attacks is farming, recording 53% of the total. Gaming and gambling once again came in second.

For the Middle East, retail was the main target, with computer software companies in second. Gaming and gambling made the list once again, coming in third.

Only in North America and Oceania did gaming and gambling not appear among the top three. Computer software companies ranked high in both, as did the telecom industry.