The aim of a distributed denial of service (DDoS) attack is to overwhelm a network or server resources in order to force an interruption of work. Using malware, it causes the network’s systems to make hundreds of thousands, or even millions, of requests per second. The server fails to respond to each, triggering downtime.
This downtime costs the organization millions of dollars in lost business opportunities. The money needed to recover from DDoS adds to the ongoing financial losses. Clever businesses adopt DDoS protection software to safeguard their networks.
The statistics below explore the current state of DDoS. They talk about the magnitude of attacks, duration, costs, and other factors.
Top DDoS attack statistics
Below are some relevant statistics on DDoS attacks that showcase what’s new and yet to come with this kind of cyber attack.
- There were 1.7 million HTTP DDoS attacks, 1.5 million DNS DDoS attacks, and 1.3 million L3/4 DDoS attacks in Q1 2024.
- Data centers in the US ingested more than 40% of L3/4 DDoS attacks in Q1 2024. Germany remains the second largest source of similar attacks. Brazil, Singapore, Russia, South Korea, Hong Kong, United Kingdom, Netherlands, and Japan together account for the third largest source of attacks.
- Information technology and internet was the most attacked industry in Africa and Europe, while marketing and advertising was the most attacked industry in North America in Q1 2024.
13
DDoS-for-hire marketplaces were shut down in 2023 by the Federal Bureau of Investigation (FBI).
Source: KrebsonSecurity
- Using over 15 million infected IP addresses globally, Botnets are standard tools for launching DDoS attacks. Though other variants exist, Mirai malware frequently creates these botnets. A Mirai variant botnet remains responsible for every four out of 100 HTTP DDoS attacks and two out of every 100 L3/4 DDoS attacks in 2024.
- DNS-based DDoS attacks grew to 54% in Q1 2024, which is 80% higher than the last year.
- Jenkins Flood, DDoS attack vector, exploits Jenkins automation server vulnerabilities. It launched 826% more attacks QoQ in 2024.
The rise of DDoS
Threat actors have grown smarter and sneakier. Modern hackers disguise DDoS attacks as genuine traffic, making them harder to detect. The stats below make it obvious they’re on the rise.
Understanding their growth trajectory will help you respond in a way these bigger magnitude attacks would assume.
- In Q1 2024, the rate of DDoS attacks escalated. HTTP DDoS attacks went up by 93% YoY. Network layer DDoS attacks went up by 28% YoY.
- The average attack size increased by 233.33% in 2024.
- A strategic shift is observed in the nature of DDoS attacks, meaning malicious agents are now aiming to launch more impactful assaults. The largest DDoS attack reached 700 Gbps, which was 30.92% more than 2023.
- One out of every 10 HTTP DDoS attack targeted the US, followed by China, Canada, Vietnam, Indonesia, Singapore, Hong Kong, Taiwan, Cyprus, and Germany.
466%
more DDoS attack traffic targeted Sweden after it was accepted in the NATO alliance.
Source: Cloudflare
- China experienced the most number of network layer DDoS attacks, which was almost 39% off all DDoS attacks in Q1` 2024.
- In Q1 2024, ransom DDoS attacks decreased by 22% QoQ.
- HTTP DDoS attacks shot up by 51% in Q1 2024.
- Application-layer DDoS attacks shot up by 5% from the previous quarter.
Cost of launching a DDoS attack vs. the cost of dealing with one
Launching a DDoS attack is incredibly cost-effective, but the financial losses of recovering from an attack are astronomical. The statistics below compare the financials of DDoS, both for attackers and target victims.
- Attackers can rent online resources to launch attacks for just $5 per hour. It’s notoriously cheap for the attacker.
- Online retailers and small businesses lose $ 8,000 to $74,000 for each hour of downtime.
$6,000
is what companies shell out on an average for each minute of attack.
Source: Zayo
- Every minute of downtime during a DDoS attack costs $22,000.
- Small or midsize businesses might spend $120,000 to recover from an attack.
Notable DDoS attacks on companies
Some tech giants and reputable companies have suffered DDoS attacks despite having security measures set in place. Some were able to protect their assets, others were not. Continue reading to explore the magnitude of DDoS these companies faced in the recent past.
- When GitHub was attacked in February 2018, it peaked at 126.9 million packets per second.
- In February 2020, an Amazon Web Services (AWS) customer encountered a vast DDoS attack that exploited a connectionless lightweight directory access protocol (CLDAP) server. The attack sent data to the victim's IP 50-70 times more than usual.
- In November 2021, a powerful DDoS attack targeted a Microsoft Azure client. The attack surged to 3.45 terabytes per second (Tbps) with a packet rate of 340 million packets per second.
46 million
requests per second came to be when a Google Cloud Armor customer was attacked with DDoS in 2022. The requests came from 5,000 IP addresses in 132 countries.
Source: Google Cloud
- In Q1 2024, gaming and gambling companies saw a 7.45% spike in application layer attacks from the previous quarter.
- An Asian hosting provider experienced a network layer DDoS attack in Q1 2024, which reached 2 Tbps, while many other attacks exceeded the 1 terabit per second rate WoW.
DDoS attack size and duration statistics
DDoS attacks vary in size and duration, depending on the severity of the cyber attack. Some come in waves, making them harder to detect. Others might appear to stop, only to resume again.
The duration of a DDoS attack also has a lot to do with an organization's security posture. Modern attacks grow more potent and lasting every day. Let’s look at the why and how behind it.
- DDoS attacks can last a day or longer based on severity.
- An average DDoS attack utilizes 5.17 gigabytes per second (Gbps).
- DDoS attacks harness 3-5 nodes on diverse networks to attack a target victim.
- Massive DDoS attacks can surpass 71 million requests per second.
8.67 hours
was the average duration of a DDoS attack between 50 and 100 Gbps.
Source: StationX
- Friday is the day of choice for DDoS attacks. 15.36% of attacks happened on Fridays. Conversely, Thursday observed the lowest number of DDoS attacks (12.99%).
- The average duration of DDoS attacks was 68 minutes across industries in 2024.
- The healthcare industry experienced an average attack size of 1.8 Gbps, which is significant because of the Russian Killnet DDoS attack that occurred earlier in 2023.
Fight back
DDoS attacks are ready and on the rise. The stats above indicate a growing threat for businesses and individuals alike, but we can protect ourselves with comprehensive cybersecurity measures.
Conduct regular security audits and train your people on best security practices. Delve into your cybersecurity strategy for potential gaps. Close them before they put a hole in your pocket.
Learn more about how to stop the malicious traffic of a DDoS attack.
This article was originally published in 2023. It has been updated with new information.