A surge in volume of DDoS attacks in H2 2023 has seen the cybersecurity industry measuring these attacks in a new unit, Terabits.
So finds international cloud and edge solutions provider, Gcore in its Q3-Q4 2023 Gcore Radar report that provides insights into the current state of the DDoS protection market and cybersecurity trends.
The report finds that there were a number of significant developments in the scale and sophistication of cyberthreats in 2H 2023, including the maximum attack power rising from 800 Gbps (1H 2023) to 1.6 Tbps. The study also finds that the most-attacked business sectors were gaming (46%), financial (including banks and gambling services) (22%) and telecom (18%).
USA (24%), Indonesia (17%) and The Netherlands (12%) list as the top three attack source countries, while In Q3/Q4, the longest attack duration lasted nince hours. The average length of attack was approximately an hour.
UDP floods constitute 62% of DDoS attacks. TCP floods and ICMP attacks remain popular at 16% and 12% respectively and SYN, SYN+ACK flood, and RST Flood, account for just 10% combined.
High-volume attacks: a surging threat
The past three years have brought about a >100% annual increase in DDoS peak (registered maximum) attack volume. In 2022, the peak capacity of DDoS attacks increased from 300Gbps (2021) to 650 Gbps. In Q1–Q2 of 2023, it increased again to 800 Gbps, while in Q3–Q4 of 2023, it rocketed to 1600 Gbps (1.6 Tbps).
The jump in H2 of 2023 has resulted in the cybersecurity industry now measuring DDoS attacks in a new unit, Terabits. This escalation illustrates a significant and ongoing rise in the potential damage of DDoS attacks which, according to Gcore, is a trend that it expects to see continue in 2024.
DDoS Attack Techniques
According to Gcore’s statistics, in Q3-Q4 of 2023 UDP floods continue to dominate having become more popular amongst attackers in H1 of 2023. TCP floods and ICMP attacks have jumped into second and third place respectively.
There was a decrease in the number of SYN flood attacks from 24% in H1 of 2023, seeing SYN, SYN+ACK floods, and RST Floods making up the remaining types of attack in Q3/Q4.
Commenting on these findings, Andrey Slastenov, Head of Security Department at Gcore, says: “The exponential surge in attack power and variation in attack methods that we saw in the second half of 2023 illustrates how sophisticated cyber attackers are becoming. It’s more essential than ever for organisations to adopt a multifaceted defence strategy that can protect against a range of DDoS techniques. Failure to address these evolving threats can result in costly disruptions, reputational damage, loss of customer trust, and security breaches.”
DDoS attacks by geography
Gcore’s findings in the latter half of 2023 illustrate a widespread global threat as it identified attack sources ranging from the US, Indonesia and The Netherlands as the top three countries respectively, and Mexico, Germany and Brazil coming in as the bottom three attack source countries.
According to Gcore’s report, the gaming, financial and telecom were the most attacked sectors in Q3–Q4 of 2023 which is likely to be due to their financial gains and the potential impact on users. These findings underscore the need for targeted cybersecurity strategies like countermeasures for specific gaming servers.
Slastenov concludes: “The increase in attack power to 1.6 Tbps is particularly alarming, signalling a new level of threat for which organisations must prepare. Paired with the geographical distribution of attack sources, it’s clear that DDoS threats are a serious and global issue, necessitating international cooperation and intelligence sharing to mitigate potentially devastating attacks effectively.”
The Gcore Radar report offers readers an understanding of the evolving threat landscape and highlights the measures required to protect against attacks effectively. It serves as an insight for businesses and individuals seeking to stay informed about the latest developments in cybersecurity.
To access the full report, please follow the link.