From millions of attacks to individual attacks that last nearly 2 weeks — here are 13 DDoS attacks statistics that will blow you away
What if I told you that 8.4 million DDoS attacks took place in 2019 — would you be surprised? Shocked? Well, you should be (and hopefully a bit disappointed, too!). Let’s briefly cover what DDoS attacks are before we jump into the jaw-dropping DDoS attack statistics of the most recent (and the largest) DDoS attacks.
So, let’s get started!
What is a DDoS Attack and How Does It Work?
Let’s say you’ve decided to throw a big party at your place and you’ve invited almost all of your friends, relatives, and colleagues to it. However, there’s one friend whom you’ve not invited, and he’s distraught about it but hasn’t said anything to you. Now, this friend is quite vindictive in nature and decides to spoil your party.
This vindictive friend knows that there’s only one door to enter your building. So, to carry out his plan, he decides to not allow anyone to go through it. For that, he recruits a hundred or so people to stand outside the building entryway and directs them to not move even an inch. Until all of these people move, not a single guest can come to attend your party.
Imagine what you must be going through. Well, that’s what DDoS attacks are like.
But to fully understand what DDoS attacks entail, you first need to understand DoS attacks. In a DoS attack, or what’s known as a denial of service attack, a malicious actor makes a machine, system, or service unavailable so that its users cannot access it. Such disruption of service is typically accomplished by flooding the targeted device with traffic from one computer and internet connection.
Now, to imagine what a DDoS attack is, on the other hand, you’d have to take this single-machine attack and ramp it up significantly. Distributed denial-of-service (DDoS) attacks flood the systems or machines of their victims with traffic from multiple sources. In a general sense, a DDoS attack typically involves multiple machines (a.k.a. bots or zombie computers) coming together to target a single host by flooding it with a shocking number of requests that the host isn’t capable of handling. Nowadays, DDoS attacks typically use botnets — entire networks of infected machines — to perform these attacks.
The thing that makes DDoS attacks so puzzling is the immense difficulty in identifying the source of each attack. And as the host is flooded with so many requests, legitimate users/customers can’t access information systems, devices, or other network resources. This obviously results in financial loss in most occasions and can also cause reputational damage to affected organizations.
DDoS Attack Statistics: An In-Depth Look at Most Recent and Largest DDoS Attacks
Thanks to the apparent financial incentive and the undeniable sophistication it offers, DDoS attacks have been on the rise for quite some time now. Let’s have a look at some of the most eye-opening DDoS attack statistics and some of the most recent and largest DDoS attacks:
- 8.4 Million DDoS Attacks in 2019
The latest threat report published by NetScout reveals a sad but undeniable reality of our security on the internet. According to NetScout threat intelligence, the year 2019 saw a staggering 8.4 million DDoS attacks. This means 670,000 attacks per month, 23,000 attacks per day, and 16 attacks every minute!
- 2019 Saw the Biggest Attacks Ever Recorded with 580 million PPS
2019 didn’t only see the highest number of DDoS attacks, but it was also a witness to the longest DDoS attack ever recorded. According to Imperva’s Global DDoS Threat Landscape report:
2019 saw the largest network and application layer attacks ever recorded, with a network layer DDoS attack that reached 580 million packets per second (PPS) in April, and a separate application layer attack which lasted for 13 days and peaked at 292,000 Requests Per Second (RPS).”
- DDoS Attacks Cost a Lot of Money — from $120,000 to $2 million
The main reason why we’re witnessing such a large surge in DDoS attacks is the financial incentives that these types of attacks provide. Data from Bulletproof’s 2019 Annual Cyber Security Report indicates that a small company could lose up to $120,000 if they fall victim to a DoS or DDoS attack. And the number is even higher for an enterprise with costs surpassing $2 million!
Mind-blowing, isn’t it?
- 64% Increase in DDoS Attacks Targeted at Wireless Telecommunications Companies
Wireless telecommunications companies experienced a 64% increase in DDoS attack frequency year over year, NetScout’s latest threat report indicates. This is believed to be due to gamers in Asian countries using their phone service as wireless hotspots.
- The Online Gaming & Gambling Industry Tops the Target List with 35.92% of Attacks
2019 continued the trend of gaming companies being at the target of most DDoS attacks. Per Imperva’s Global DDoS Threat Landscape Report, the online gaming industry topped the list of targeted industries with 35.92% of the total DDoS attacks aimed at them. The online gambling sector was a close second with 31.25%.
- India Faced the Highest Network Layer DDoS Attacks
One of the biggest surprises that we saw in 2019 was that India was identified as the most targeted country, as far as the number of network layer DDoS attacks is concerned. 22.57% of the network layer DDoS attacks targeted India, according to Imperva’s Global DDoS Threat Landscape report.
This has come as a surprise as this is for the first time India has appeared on the list of the most targeted countries. Another surprise this report shows is that the top four targeted countries are located in East Asia, which represented 77.7% of all network layer DDoS attacks. This makes it the most dangerous region both in terms of the number of network layer attacks and the likelihood of being attacked.
- DDoS Attacks Rose 32% in Q2 2019
From 2018 to 2019, there hasn’t been any slowdown in the frequency of DDoS attacks. Kaspersky’s research shows a remarkable 32% increase in Q2 2019 compared to the same period in the previous year. And out of all attacks prevented by Kaspersky, 46% of them happened to be DDoS attacks. Astonishingly disturbing, isn’t it?
- 57% Increase in Mirai-Based Attack Variants
From 2018 to 2019, we saw a 57% increase in Mirai-based variants targeting 17 system architectures, according to NetScout’s Threat Intelligence Report
- DDoS Attacks Have a 50% Rate of Success
If you’ve been curious about the efficiency of DDoS attacks, then here’s a stat for you: 50% of DDoS attacks in 2018 led to a severe disruption of services. So one in every two attacks disrupted the services of the targeted platform, Kaspersky Labs reports.
- 15% Increase in 100-200 GBPS Attacks
Not only are DDoS attackers getting more creative, but they’re getting smarter about it as well. The rise in 100-200 GBPS attacks is the testament to this. NetScout’s latest threat report shows a 15% increase in 100-200 GBPS attacks. This is a smart move by the attackers since attacks that are greater than 200 GBPS in size tend to draw unwanted attention from law enforcement.
- DDoS Attacks Are Forecast to Double by 2022
We’ll likely need to wait quite some time to see a slowdown in global DDoS attack numbers. Globally, the total number of DDoS attacks is expected to double to 15.4 million by 2023, according to the Cisco Visual Networking Index (VNI).
- DDoS Protection & Mitigation Market to Get Doubled by 2024
Without a single percentage of surprise, the remarkable upsurge in DDoS attacks is expected to coincide rise in the DDoS protection and mitigation market. A research firm has estimated for the DDoS protection and mitigation market to get doubled to $4.7 billion by 2024, showing a compound annual growth rate (CAGR) of 14%.
- DDoS Attackers Expanding their Horizons
NetScout reports that cyber attackers leveraged seven new or increasingly common UDP reflection/amplification attack vectors in 2019. They also combined new variations of well-known attack vectors.
Final Word on DDoS Attack Statistics
As the 2019 numbers suggest, DDoS attackers have truly found their feet. And with billions of connected IoT devices being added to our world every year, we should probably save our astonishment in 2020. And looking at the current trends in DDoS attack statistics, it’s not going to be a good kind of astonishment it seems.