This increase is attributed to global events such as wars and elections.

The report said that attacks against Western-interest websites often originate from pro-Russian hacktivist groups like REvil, KillNet, and Anonymous Sudan.

Distributed Denial of Service (DDoS) attacks remain cybercriminals’ preferred weapon, constituting over 37 per cent of all mitigated traffic. In Q1 2024, Cloudflare blocked 4.5 million unique DDoS attacks—nearly a third of the previous year’s total.

DDoS attacks are increasing in volume and sophistication. Last August, Cloudflare handled an HTTP/2 Rapid Reset DDoS attack peaking at 201 million requests per second (RPS), three times larger than any previous attack.

Securing application programming interfaces (APIs) is crucial, as 60 per cent of dynamic web traffic is API-related. However, many organisations remain unaware of a quarter of their API endpoints, leaving them vulnerable.

Enterprise applications now rely on an average of 47 third-party scripts, connecting to nearly 50 third-party destinations. Each of these connections poses a potential security risk.

The recent Polyfill.io JavaScript incident affected over 380,000 sites, emphasizing the need for vigilance regarding third-party scripts.

The report said that approximately 38 per cent of HTTP requests processed by Cloudflare come from automated bots. While some serve legitimate purposes (like customer service chatbots), up to 93 per cent may be malicious.