GCORE’s latest DDOS radar report analyzes attack data from Q3-Q4 2024 and reveals that the largest attack peaking at record 2 TBPS has increased the total number of DDOS attacks by 56%. The Financial Services sector saw the most dramatic increase with attacks rising 117%, continuing to be the industry where the game has the most targeted. Findings during this period highlight the need for robust and adaptive DDOS mitigation as attacks become more accurate and frequent. Let’s dive into the numbers.
Important Takeout: The Future of DDOS Defense
Here are four key points from the GCORE radar:
The amount and refinement of DDOS attacks is increasing. The 17% growth in total attacks and a new peak volume of 2 Tbps highlight the need for advanced protection. Financial services face growing risks. A 117% increase in attacks will require increased security measures in this sector. Short, high-strength attacks have become the norm. Traditional mitigation approaches need to adapt to rapid burst attacks that can avoid detection. Geopolitical factors influence attack patterns. Understanding the origins of attacks can help strengthen defenses in high-risk regions.
DDOS attack frequency increases to new high
The report highlights a sustained increase in attack frequency. Q3 – Q4 Compared to 2023, DDOS attacks have increased by 56%, highlighting the long-term growth trend.
GCORE identifies several technical and environmental factors that are likely to contribute to an increase in attacks.
Easy access to attack tools: ddos-for-hire services and botnets have reduced barriers to launching attacks. IoT vulnerabilities: Insufficient security IoT devices continue to fuel larger botnets. Geopolitical and economic tensions: Political conflict and economic motivations drive target attacks. More sophisticated attack strategies: Multi-vector and application layer attacks make mitigation more difficult.
The biggest attack reaches 2 Tbps
Q3 – Q4 The biggest recorded attack in 2024 hits 2 TBPS and targets major global gaming companies. This represents an 18% increase from the previous peak of 1.7 Tbps in Q1-Q2 2024.
While these massive attacks are often mitigated quickly, their destructive potential continues to grow. Terrabit-level attacks can cause widespread service outages and financial losses, especially for businesses that rely on real-time operations.
Financial services face a surge in attacks, but the game remains the best target
The game remains the most attacked sector, but the total attack share fell from 49% in Q3-Q4 2023 to 34%. Possible explanations include:
Improved DDOS protection will force attackers to shift the ongoing motivation of attacks due to competitive games and financial incentives, resulting in high revenue impact from service downtime
Additionally, the increase in attacks on financial services rose from 12% to 26% of total incidents. The sector’s heavy regulations, critical online services, and sensitivity to ransom-based attacks make it a major target.
The complete GCORE Radar Report shares industry data for media and entertainment, retail, communications, technology and other industries.
ACK flood and shorter burst rise
The distribution of DDOS attacks across network and application layers during H2 2024 highlights the greater prevalence of network layer attacks.
At the network layer, UDP flood attacks continue to be the most common method, accounting for 60% of all network layer attacks. However, ACK flood attacks are on the rise, and currently accounting for 7% of total attacks. These attacks mimic legal traffic and make mitigation more difficult.
In the application layer, L7 UDP flood attacks accounted for 45%, while L7 TCP flood attacks rose to 37%. GCORE points out that the latter gains traction due to its ability to avoid traditional filtering mechanisms.
Shorter but more destructive attacks
One of the most notable shifts is the reduction in attack duration. Q3 – Q4 The longest recorded attack in 2024 lasted just five hours compared to 16 hours in the previous period.
Short, high-intensity burst attacks are becoming more common. These attacks:
Destroy your services quickly, avoiding persistent detection. It mimics legitimate traffic patterns and makes mitigation more complicated. It acts as a smokescreen for other cyberattacks, including ransomware.
Geopolitical impact
Geopolitical tensions and economic competition continue to shape the DDOS landscape with politically motivated attacks targeting financial services, critical infrastructure and high-value companies. Meanwhile, regions with dense internet infrastructure such as the Netherlands, the US and China use both launch points and battlefields of cybercrime groups that utilize botnets, proxy networks and DDOS-For-Hire services. .
This report identifies key regions that are contributing to DDOS attack traffic.
The US and the Netherlands are the biggest sources of both attack layers. Brazil is a growing hub of network layer attacks. Both China and Indonesia have contributed significantly to the global attack volume.
Download the full report of application layer attack geographic data.
GCORE DDOS Protection: Mitigating a new wave of attack
GCORE DDOS protection utilizes over 200 TBPS filtering capacity across six continents to neutralize attacks in real time. As the DDOS threat evolves, organizations need to adopt proactive defensive strategies to protect their digital assets.
Source link
