Radware Successfully Defends Financial Institute from Large L7 DDoS Attack


Introduction

As cyber threats become more sophisticated and relentless, the importance of having robust defenses in place has never been clearer. One of the most significant threats facing online businesses today is Layer 7 (L7) Distributed Denial of Service (DDoS) attacks. These advanced attacks target the application layer, overwhelming services with malicious requests, causing severe disruptions, and leading to potential financial losses.

On October 14, 2024, Radware was called upon to mitigate the largest L7 DDoS attack against a major financial institution. The attack, which peaked at 16 million requests per second (RPS) and totaled over 6.5 billion transactions, was neutralized without any downtime or service disruption. Here’s how Radware’s advanced Web DDoS Protection defended the financial institution and kept its business running during this unprecedented assault.

Attack Overview

The attack began at 10:02 AM, targeting a critical application used by the financial institution to shield its main systems from external traffic. This application acts as a gateway, ensuring that malicious requests from outside their core operational region are filtered out. In this case, the attackers launched a large-scale DDoS campaign, which reached a peak volume of 16 million RPS and lasted for 16 minutes. With over 6.5 billion total requests, this was the largest DDoS attack ever recorded against a financial institution.

Without effective defenses, this attack could have crippled the institution’s services, leading to downtime, reputational damage, and financial losses. However, Radware’s Web DDoS Protection proved to be more than capable of handling the challenge.

Image A: The attack’s highest peak on a single application, 16 million RPS.

How Radware Mitigated the Attack

Radware’s Web DDoS automatic detection was crucial in this situation. By generating custom signatures tailored specifically to the attack’s unique patterns, Radware’s systems were able to counter the threat quickly and efficiently. The advanced algorithms that power Radware’s defenses continuously analyze the behavior of the malicious traffic, adapting in real-time without any human intervention.

Despite the scale and complexity of the attack, Radware’s systems were able to block all malicious requests while ensuring legitimate traffic continued to flow to the institution’s services. The automated nature of the defense meant that even as the attackers changed tactics, Radware’s algorithms swiftly detected and responded to each new phase of the attack.

Zero Downtime Amid Record-Breaking Attack

Thanks to Radware’s robust protection, the financial institution’s application did not experience downtime or service disruption. The attack, which saw over 6.5 billion requests, with peaks of 16 million RPS, was effectively neutralized without any impact on legitimate users.

The attackers employed several sophisticated techniques to try and evade detection, including:

  • HTTP GET requests that appeared legitimate
  • Randomized headers, path parameters, and user-agent values designed to confuse traditional defenses
  • For example, the referrer header appeared randomly in 60% of the transactions, with some unique values
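As an added illustration (not Radware's detection logic and not code from this post), the example below profiles a window of requests to show which fields are being randomized and which stay constant enough to anchor a filter rule. The sample window, field names and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample window: 10 GET requests with the traits listed above
# (random user-agent and path parameter, referer present in 60% of requests).
SAMPLE_WINDOW = [
    {
        "method": "GET",
        "path": f"/login?q={i * 7919}",
        "headers": {
            "user-agent": f"Mozilla/5.0 (build {i * 31 + 11})",
            "accept-language": "en-US",
            **({"referer": f"https://example.test/r/{i * 13}"} if i % 5 < 3 else {}),
        },
    }
    for i in range(10)
]

def profile_window(requests):
    """Return {field: (presence_ratio, distinct_ratio)} for one time window."""
    values = defaultdict(list)
    for req in requests:
        values["method"].append(req["method"])
        values["path"].append(req["path"])
        for name, value in req["headers"].items():
            values["header:" + name.lower()].append(value)
    total = len(requests)
    return {
        field: (len(seen) / total, len(set(seen)) / len(seen))
        for field, seen in values.items()
    }

def classify_fields(profile, random_at=0.9, stable_at=0.1):
    """Split fields by behaviour; the thresholds are illustrative assumptions."""
    result = {"randomized": [], "stable": [], "partial": []}
    for field, (presence, distinct) in sorted(profile.items()):
        if distinct >= random_at:
            result["randomized"].append(field)   # near-unique values: useless as a match key
        elif distinct <= stable_at and presence == 1.0:
            result["stable"].append(field)       # constant and always present: rule candidate
        if presence < 1.0:
            result["partial"].append(field)      # header present only on some requests
    return result

if __name__ == "__main__":
    prof = profile_window(SAMPLE_WINDOW)
    for field, (presence, distinct) in sorted(prof.items()):
        print(f"{field:25s} presence={presence:.0%} distinct={distinct:.0%}")
    print(classify_fields(prof))
```

On real traffic the window must be large enough that legitimate diversity (many distinct paths and user agents) is not mistaken for randomization, so the ratios are best compared against a baseline taken from normal traffic.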

Despite these evolving tactics, Radware’s Web DDoS Protection was able to adapt in real-time, continuously updating its defenses to stay ahead of the attackers. During the incident, Radware also provided the financial institution with real-time updates and statistics, keeping them informed of the attack’s progression and the steps taken to mitigate it.

Image B: Attack samples, with the attack’s randomization highlighted.

Radware: Fully Protecting Financial Institutions from Evolving Threats

This record-breaking attack serves as a stark reminder of the constantly evolving nature of cyber threats. Radware’s successful mitigation not only protected the financial institution’s operations but also reinforced the importance of advanced cybersecurity measures in today’s increasingly hostile online environment.

As cyberattacks continue to grow in scale, speed, and complexity, it’s essential for organizations to adopt proactive defense strategies. Radware’s automated, real-time Web DDoS protection offers businesses the peace of mind that they can withstand even the most sophisticated threats without compromising service availability.

Call to Action

Don’t let your business fall victim to the next big DDoS attack. To learn more about how Radware can protect your organization from similar threats, visit Radware’s website.

Rotem Elharar

Rotem Elharar is a Product Manager in Radware’s Cloud Security Service. She is a 15-year veteran of the technology sector and has focused on cybersecurity since joining Radware over 5 years ago. While helping ensure customers’ cloud applications are optimally protected, Rotem consistently delivers cutting-edge products that effectively tackle complex security challenges while elevating the overall customer experience. She earned a Bachelor of Engineering degree at Ben-Gurion University of the Negev in Beersheba, Israel.
