DDoS Attackers Put Environmental Services Firms in Their Crosshairs – Source: securityboulevard.com

Environmental services websites are becoming significant targets for threat groups launching distributed denial-of-services attacks, with researchers at Cloudflare noting a staggering 61,839% year-over-year increase in the fourth quarter last year.

The spike in the HTTP DDoS attacks aimed at the industry coincided with the United Nation’s COP28 climate conference, which ran from November 30 to December 12 in the United Arab Emirates, Cloudflare researchers wrote in the web performance and security company’s Q4 2023 DDoS report.

The jump in the number of DDoS incidents was part of an emerging pattern, they wrote, noting similar surges in cyberattacks during the COP26 and COP27 conferences in previous years.

“While the Cryptocurrency sector was initially leading in terms of the volume of HTTP DDoS attack requests, a new target emerged as a primary victim,” Omer Yoachimik, product manager at Cloudflare, and Jorge Pacheo, data analyst that the company, wrote in the report. “The Environmental Services industry experienced an unprecedented surge in HTTP DDoS attacks, with these attacks constituting half of all its HTTP traffic.”

Yoachimik and Pacheco noted that the COP28 conference in Dubai “was a pivotal event, signaling what many considered the ‘beginning of the end’ for the fossil fuel era.”

According to a UN statement, negotiators from almost 200 participants agreed to what they called the first “global stocktake,” a plan to increase climate actions before the end of the decade with the goal of keeping the global temperature limit of 1.5 Celsius – or 34.7 Fahrenheit – within reach.

“Whilst we didn’t turn the page on the fossil fuel era in Dubai, this outcome is the beginning of the end,” UN Climate Change Executive Secretary Simon Stiell said in his closing speech. “Now all governments and businesses need to turn these pledges into real-economy outcomes, without delay.”

A ‘Disturbing Trend’

The Cloudflare researchers noted that other significant environment events, including the UN’s resolution on climate justice in March – where the UN General Assembly said it would turn to the International Court of Justice regarding countries’ climate obligations – and the organization’s Freshwater Challenge river and wetland restoration project also were accompanied by a rise in cyberattacks on environmental services websites.

They suggested such announcements “heightened the profile of environmental websites” and highlighted “a disturbing trend in the cyber threat landscape.”

“This recurring pattern underscores the growing intersection between environmental issues and cyber security, a nexus that is increasingly becoming a focal point for attackers in the digital age,” Yoachimik and Pacheco wrote.

Global Conflicts Fuel in DDoS Attacks

In its fourth-quarter report, Cloudflare also focused on a few other areas, including the use of DDoS attacks in political or military conflicts between nations. Just as the security firm saw a rise in DDoS incidents accompanying Russia’s illegal invasion of Ukraine in February 2022, there’s been a similar jump following Hamas’ attack on Israel in October.

In a previous report in October, Cloudflare noted that about 12 minutes after Hamas attacked Israeli cities, including Tel Aviv and Jerusalem, with rockets as part of the terrorists group’s broad assault on the country, its system detected DDoS attacks targeting websites that provide Israeli citizens with critical information.

In response to Hamas’ assault, Israel launched Operation Iron Swords in an effort to eliminate the terrorist group from Gaza in neighboring Palestine. During the war, Cloudflare has seen DDoS attacks from both sides of the conflict, making Palestine the region to see the second most HTTP DDoS attacks during the fourth quarter.

“Over 10% of all HTTP requests towards Palestinian websites were DDoS attacks,” the researchers wrote.

In all, the percentage of DDoS attack traffic aiming at Israeli websites in Q4 grew 27% over the previous quarter, while such traffic targeting Palestinian websites jumped 1,126% quarter-over-quarter.

In HTTP DDoS attacks, the bad actors – often using a botnet – try to overwhelm HTTP web servers or applications with more requests than they can handle, making it impossible to process legitimate HTTP requests to get through.

Taiwan also saw a huge jump in HTTP DDoS attacks, with a year-over-year increase of 3,370% in DDoS targeting the island nation. The rise coincided with elections in Taiwan and growing tensions with China, the researchers wrote.

Overall, Singapore was the largest target of HTTP DDoS attacks in the fourth quarter, with more than 317 billion HTTP requests – or 4% of all global DDoS traffic – aimed at Singaporean websites. The United States was a close second, followed by Canada. Taiwan was the fourth-most attacked region.