1、DDoS:Here to StayMar ch 2024 FS-ISAC 2024|2|DDoS:Here to StayContentsExecutive Summary 3Financial Services:The Top Target for DDoS 4Regional Overview 6Geopolitical Influence 7Hacktivist Profile:NoName057(16)7Hacktivist Profile:Anonymous Sudan 7Hacktivist Profile:KillNet 8More Than a Nuisance:Threat

2、Actors DDoS Use Cases 8Evolving DDoS Attack Types in 2023 9Notable DDoS Attacks in 2023 10DDoS HTTP/2 Rapid Reset Vulnerability 11Layer 7 and DNS Flood Attacks 11Pseudo-Random Subdomain Attacks(PRSDs)11Mitigation 11Addressing Material Risk 12DDoS Protection Services 13Resilience 13Cyber Hygiene 14Co

3、nclusion 14 FS-ISAC 2024|3|DDoS:Here to StayIn 2023,distributed denial-of-service(DDoS)attacks reached new heights of size and sophistication.The financial sector is the top target across most of the world.Though DDoS attacks infrequently interrupt internal operations or extract data from mature fin

4、ancial services organizations,they can have an outsized impact on customer confidence.When a website is unavailable even for seconds customers can infer that the entire organization is compromised,which damages the firms reputation.Much of the upsurge in DDoS attacks beginning in 2022 is attributabl

5、e to motivated hacktivists,intent on creating as much disruption as they can.Hacktivists use DDoS as a tool of geopolitical conflict and political instability,and will likely Executive Summarycontinue using that tool as long as it proves effective.Indeed,DDoS attacks increased in 2023 in concert wit

6、h the outbreak of the Israel-Hamas war and political summits such as the COP 28,during which a noticeable spike in HTTP attacks targeting environmentalist websites was observed.Along with hacktivists,nation-states,ransomware attackers,and criminal groups all rely on DDoS attacks as part of a layered