Radware® (NASDAQ: RDWR), a leading global provider of application security and delivery solutions for multi-cloud environments, has released threat intelligence insights highlighting a year-over-year increase in cyber activities across the APAC region.

These insights are derived from Radware’s 2024 network and application attack data collected through its cloud and managed services, as well as its dedicated threat intelligence research team. The analysis also incorporates information gathered from Telegram, a public messaging platform frequently used by cybercriminals.

Key findings

Between 2023 and 2024 in APAC:

• Average mitigated DDoS attack volumes rose 364%
• The number of DNS flood queries rose 93%
• Government institutions were the top hacktivist targets, followed by education.

“Across APAC, there has been a sharp escalation in the frequency and intensity of cyberattacks and DDoS incidents are leading the charge,” said Kenichiro Sasaki, Radware’s county manager in Japan. “Multiple catalysts are driving the threat revolution, including geopolitical conflicts, bigger and more complex threat surfaces, and more sophisticated and persistent threats. Add to that the impact of AI, which is lowering barriers to entry, and what you have is a highly dynamic threat environment that demands equally dynamic defense strategies.”

Network-layer DDoS attacks grow three times bigger

In 2024, network DDoS attack activity and intensity witnessed a significant uptick in APAC. According to Radware’s threat intelligence:

• Attack activity: The average number of DDoS attacks per customer increased 72% compared to 2023
• Attack volume: The average mitigated DDoS attack volume climbed 364% over 2023
• Industry targets: Services providers bore 55% of the network DDoS attack volume, followed by technology at 21% and gaming at 11%

Application-layer DNS DDoS attacks post major gains

Last year was a pivotal year in the global evolution of Layer 7 DNS DDoS attacks. During 2024 in APAC:

• Attack activity: The number of DNS flood queries rose 93% compared to 2023
• Attack volume: Malicious DNS volume increased 93% over 2023
• Industry targets: The manufacturing sector accounted for 43% of malicious DNS Query Flood activity. Telecom (40%) ranked second, followed by energy (14%)

Hacktivist campaigns intensify, marked by retaliation and disruption

Propelled by political and ideological tensions, hacktivism remained a leading driver of cyberattacks. On a global basis, the total number of hacktivist-claimed DDoS attacks increased by 20% between 2023 and 2204, according to data gathered from Telegram.

Across APAC, 2024 Telegram data revealed:

• Geographic targets: The top targeted country was India with 761 claimed attacks, followed by Indonesia (614), Taiwan (281), Thailand (220), and Bangladesh (188)
• Industry targets: Government institutions were the top hacktivist targets, accounting for 17% of hacktivist activity, followed by education (12%) and finance (9%)
• Top claiming actors: Executor DDoS was the most prolific threat actor with 513 claimed DDoS attacks, followed by RipperSec (467), and NoName057(16) (362)

A comprehensive global view of the threat landscape can be found in Radware’s new 2025 Global Threat Analysis Report.

About Radware

Radware® (NASDAQ: RDWR) is a global leader in application security and delivery solutions for multi-cloud environments. The company’s cloud application, infrastructure, and API security solutions use AI-driven algorithms for precise, hands-free, real-time protection from the most sophisticated web, application, and DDoS attacks, API abuse, and bad bots. Enterprises and carriers worldwide rely on Radware’s solutions to address evolving cybersecurity challenges and protect their brands and business operations while reducing costs. For more information, please visit the Radware website.