A report from Gcore reveals that distributed denial-of-service (DDoS) attacks have increased in volume and magnitude from Q3-Q4 2023 to Q3-Q4 2024. DDoS attacks increased by 56% year-over-year and 17% since H1 2024. 

Key findings from the report include: 

• The financial sector saw a notable increase in DDoS attacks, from 12% in Q3-Q4 2023 to 26% in Q3-Q4 2024. 
• DDoS attacks are becoming shorter, with five hours being the longest duration observed in Q3-Q4 2024. 16 hours was the longest in H1 2024. 
• The gaming industry is the most targeted, yet attacks in H2 2024 were 31% lower than H1 2024. 

Below, security leaders discuss the implications of these findings. 

Security leaders weigh in

Darren Guccione, CEO and Co-Founder at Keeper Security:

The recent surge in DDoS attacks highlights the growing aggressiveness of cyber threats, which are increasingly difficult to combat with traditional defenses. Cybercriminals are leveraging short, high-intensity bursts to overwhelm systems, particularly in the financial sector, which saw a 117% increase in attacks. Protecting critical assets requires securing access at all levels, not just blocking malicious traffic.

To effectively counter DDoS threats, businesses must implement network monitoring and regularly analyze network traffic to establish a baseline, enabling them to detect anomalies early. Integrating CAPTCHA solutions can also help differentiate between human users and bots, reducing the risk of automated attacks. Organizations should consider developing a robust incident response plan, employing DDoS mitigation services and evaluating and potentially increasing bandwidth capacity to effectively mitigate the impact of these attacks.

Trey Ford, Chief Information Security Officer at Bugcrowd: 

DDoS volumes will continue to expand sympathetically with increases in consumer computing power and internet connection speeds — these volumes are concerning, but unsurprising.

Attack patterns will continue to evolve, but carry the same motives. Gamers have historically tied DDoS attacks to time based contests (for competitive advantage), or in reaction to limits or sanctions (in retaliation).

The notion of pulsing the DDoS attack makes sense as it takes time to profile an attack (patterns, sources, anything to fingerprint) and mount a defense. Time-limiting the attack preserves its efficacy, while adding pressure to the monitoring and response teams to both understand why the attack happened, and limiting the context available to defend against the next one when it comes.

J Stephen Kowski, Field CTO at SlashNext Email Security+:

DDoS attacks are surging due to geopolitical tensions, hacktivism, and the rise of DDoS-as-a-service platforms. Motivations range from financial extortion to political statements, with attackers exploiting the low-cost, high-impact nature of these attacks. Advanced protection solutions that leverage AI and machine learning are crucial to detect and mitigate these evolving threats across all communication channels.

The trend of increasing DDoS attacks is likely to continue, driven by the growing Internet of Things (IoT) ecosystem and the adoption of 5G networks. As attack surfaces expand, we’ll see more sophisticated, multi-vector attacks that combine volumetric assaults with application-layer exploits. Continuous innovation in threat detection and mitigation technologies will be essential to stay ahead of these evolving tactics.

Organizations should implement a multi-layered defense strategy, including cloud-based protection services, on-premises hardware, and robust incident response plans. It’s crucial to adopt solutions that provide real-time threat intelligence and can automatically detect and block malicious traffic across various protocols and attack vectors. Regular security assessments and employee training are also vital components of a comprehensive defense strategy.

https://www.securitymagazine.com/articles/101380-report-shows-ddos-attacks-increased-56-year-over-year