The Gcore Radar Report for the first half of 2024 offers a detailed analysis of DDoS attack data, highlighting shifts in attack patterns and the broader cyber threat landscape. Here’s a summary of key findings from the report.
Key Insights
- The number of DDoS attacks increased by 46% in H1 2024 compared to the same period last year, reaching 445,000 attacks in Q2 2024. This represents a 34% rise from the previous six months (Q3–Q4 2023).
- Peak attack power showed a slight increase: the most powerful attack in H1 2024 reached 1.7 Tbps, up from 1.6 Tbps in 2023. Although the increase is only 0.1 Tbps, it reflects a rise in attack potency with significant implications.
To give context, 1 Tbps of data can equate to over 212,000 high-definition video streams being transmitted simultaneously. Even a 300 Gbps attack can disrupt an unprotected server, potentially damaging its reputation, customer loyalty, and business.
Most-Affected Industries
- The gaming and gambling industry remains the most targeted, accounting for 49% of attacks. This sector’s high stakes and competitive environment make it particularly vulnerable.
- The technology sector has seen a marked increase in attacks, now comprising 15% of total incidents. As technology providers host crucial services such as servers and networking resources, attacks on this sector can disrupt multiple industries.
- Financial services, telecom, and e-commerce follow, with 12%, 10%, and 7% of attacks, respectively.
Tracking and Attack Duration
Identifying the sources of application-layer attacks involves tracing IP addresses to specific countries, aiding defensive measures. Network-layer attacks often use IP spoofing, complicating origin tracking. Common attack methods include UDP floods for network-layer attacks and HTTP floods for application-layer attacks, targeting protocol vulnerabilities.
Most DDoS attacks are brief, typically lasting under 10 minutes, but their frequency and intensity can cause significant operational disruption. The longest attack in H1 2024 lasted 16 hours, highlighting the need for effective and responsive mitigation strategies.
Personalised Attacks
Attackers are increasingly customising their methods to target specific industries. This shift towards more sophisticated attacks calls for advanced, tailored defensive measures and emphasises the need for international cyber defence cooperation.
In the gaming industry, attacks often aim to disrupt specific servers, pushing users towards rivals. For financial services, attacks typically aim for maximum disruption, often through ransomware.
The varying duration of attacks reflects more advanced tactics, tailored to the vulnerabilities and priorities of different targets. Gaming industry attacks are often short but frequent, while attacks on financial services and telecom sectors are usually more intense and varied in length due to their higher stakes.
Conclusion
The rise in DDoS attacks highlights the critical global issue, requiring international collaboration and intelligence sharing to mitigate their impact effectively.
With the growing complexity and precision of DDoS attacks, maintaining a vigilant and proactive defensive stance is essential. Gcore DDoS Protection, with its extensive network capacity, global reach, and continuous learning from millions of internet properties, offers comprehensive safeguards to ensure business continuity and robust security across various vulnerable industries.