Applications
Cyber villains multiply their mischief as web attacks surge by a fifth
MUMBAI: The internet’s dark side got considerably darker in 2024, with web application and API attacks surging by 21.4 per cent to a staggering 887.4 billion attempts globally, according to CDNetworks’ latest State of WAAP Report. If that sounds like a lot, it is—roughly 1.52 billion attacks were thwarted daily throughout the year. That makes it almost a trillion attacks in total in just one year alone.
The cybercriminal economy is booming, and artificial intelligence has become both sword and shield in this digital arms race. Terabit-level DDoS attacks—the sort that can flatten entire digital infrastructures—increased nearly tenfold compared to 2023, with 219 such behemoths recorded. Most alarmingly, 86 per cent of these mega-attacks lasted longer than 10 minutes, suggesting attackers have ditched the old hit-and-run playbook for prolonged sieges.
Gaming platforms bore the brunt of this digital violence, accounting for 57.38 per cent of network-layer DDoS attacks. The sector’s misfortunes peaked with a bone-crushing 2 terabit-per-second assault in March and an application-layer attack exceeding 31 million requests per second in June. As one CDNetworks engineer put it, these weren’t just attacks—they were “digital carpet bombings.”
E-commerce sites found themselves equally besieged, with bot attacks against online retailers skyrocketing from 18 per cent to 46.2 per cent of all bot traffic. The culprits? Sophisticated scalping bots that have evolved into integrated systems capable of mimicking human behaviour across multiple stages—from login to payment processing. These aren’t your grandmother’s clunky web scrapers; they’re AI-enhanced digital locusts that adapt to security measures in real-time.
The rise of generative AI has democratised cybercrime, lowering the barrier to entry for would-be digital marauders. CDNetworks’ platform detected a 114.7 per cent year-over-year increase in blocked bot traffic intercepted by its AI-powered defences. The message is clear: if you’re not using AI to defend yourself, you’re bringing a knife to a gunfight.
API security emerged as another Achilles’ heel, with attacks surging 147 per cent. Most troubling, 78 per cent of these attacks occurred after user authentication—suggesting that once hackers get past the front door, they’re often free to ransack the digital house. Traditional security models that focus solely on perimeter defence are proving woefully inadequate.
The assault wasn’t evenly distributed. Gaming, e-commerce, and media & entertainment sectors topped the target list, with attackers showing a particular fondness for disrupting digital experiences during peak usage periods. The fourth quarter saw a concentration of attacks, with cybercriminals capitalising on holiday shopping seasons and major game releases.
HTTP protocol violations accounted for 71 per cent of web vulnerabilities exploited, reflecting a 12.17 per cent increase year-over-year. Meanwhile, the humble Syn flood attack remained the weapon of choice for DDoS perpetrators, accounting for 43 per cent of all attacks—proof that sometimes the old ways are still the best ways.
Not all the news was grim. CDNetworks’ AI-powered bot management successfully blocked 67 per cent of malicious bot traffic in 2024, up from just 40 per cent in 2023. The platform’s crowning achievement came on 1 October, when it successfully mitigated a massive attack targeting a major browser game platform in Southeast Asia—a 1.24 terabit assault at the network layer and over one million queries per second at the application layer—with zero downtime.
The report’s recommendations read like a cybersecurity manifesto: phase out single-layer protection strategies, invest heavily in AI capabilities, prioritise unified WAAP platforms over siloed tools, elevate API security from afterthought to centrepiece, and partner with providers offering end-to-end support.
As one CDNetworks executive noted: “The days of reactive cybersecurity are over. In 2024, we saw attackers using AI to probe 50,000 API endpoints in a single operation, boosting attack efficiency by up to 40 times. The only way to fight AI is with better AI.”
The message for businesses is stark: adapt or become another statistic. With cyber-attacks showing no signs of slowing and AI making both attackers and defenders more capable, the digital Wild West is only getting wilder. The question isn’t whether your organisation will be targeted—it’s whether you’ll be ready when the digital desperados come calling.
Applications
With 57 per cent single new users, Ashley Madison rebrands as discreet dating platform
Platform says majority of new members now identify as single
INDIA: Ashley Madison is shedding the “married-dating” label that defined it for two decades, repositioning itself as a platform for discreet dating in what it calls the post-social media age.
The rebrand, unveiled in India on 27 February, 2026, marks a structural shift in business model and identity. Once synonymous with married dating, the company now describes itself as the “premier destination for discreet dating” under a new tagline: Where Desire Meets Discretion.
The pivot is data-driven. Internal figures show that 57 per cent of global sign-ups between 1 January and 31 December, 2025 identified as single: a notable departure from the platform’s married core. The company argues that its community has already evolved beyond its original positioning.
“In an age where our lives have been constantly put on public display, privacy has become the new luxury,” said Ashley Madison chief strategy officer Paul Keable. He framed the platform’s offering as “ethical discretion” for singles, separated, divorced and non-monogamous users seeking private connections.
The shift also taps into wider digital fatigue. A global survey conducted by YouGov for Ashley Madison, covering 13,071 adults across Australia, Brazil, Canada, Germany, India, Italy, Mexico, Spain, Switzerland, the UK and the US, found mounting discomfort with hyper-public online lives.
Among dating app users, 30 per cent cited constant swiping and messaging as a source of fatigue, while 24 per cent pointed to pressure to curate public-facing profiles and early personal disclosure. Some 27 per cent said fears of screenshots or information being shared contributed to exhaustion; an equal share cited unwanted attention.
The retreat from oversharing appears broader. According to the survey, 46 per cent of adults actively try to keep most aspects of their life private online. Only 8 per cent feel comfortable sharing most aspects publicly, while 35 per cent say they are becoming more selective about what they disclose.
Ashley Madison is betting that this cultural recalibration towards controlled visibility can be monetised. By doubling down on privacy infrastructure and reframing itself around discretion rather than infidelity, the company is attempting to convert reputational baggage into a premium proposition.
