Insight into the DDoS Threat Landscape: Second Quarter of 2024

Based on a new report on DDoS threats for the second quarter of 2024, we provide you with an in-depth analysis of the current DDoS threat landscape as observed worldwide.
With a network capacity of 280 terabits per second across over 320 cities globally, covering 19% of all websites, we offer unique insights and trends for the global internet community.

Key Insights for the Second Quarter of 2024:

• A 20% increase in DDoS attacks compared to the previous year was recorded.
• One out of every 25 respondents reported that the DDoS attacks against them were carried out by state-level or state-sponsored actors.
• Threat actor capabilities reached an all-time high as automated defenses generated ten times more fingerprints to counter and mitigate sophisticated DDoS attacks.

Recap: What is a DDoS Attack? A Distributed Denial of Service (DDoS) attack aims to disrupt or disable internet services, such as websites or mobile apps, making them unavailable to users. This is typically achieved by overwhelming the victim's server with more traffic than it can handle, preventing it from processing legitimate user traffic.

Increase in DDoS Threats in the First Half of 2024

In the first half of 2024, 8.5 million DDoS attacks were mitigated: 4.5 million in the first quarter and 4 million in the second quarter. Overall, the number of DDoS attacks in the second quarter decreased by 11% quarter-over-quarter but increased by 20% year-over-year.

Distribution of DDoS Attacks by Types and Vectors

Throughout 2023, 14 million DDoS attacks were mitigated, and halfway through 2024, 60% of that number has already been reached. Successfully, 10.2 trillion HTTP DDoS requests and 57 petabytes of network-layer DDoS attack traffic were mitigated, preventing them from reaching customers' origin servers.

Ransom DDoS Attacks

In May 2024, the percentage of attacked customers who reported being threatened by a DDoS attacker or subjected to a ransom DDoS attack reached 16% – the highest in the past 12 months. The quarter began relatively low, with 7% of customers reporting a threat or ransom attack. This figure quickly jumped to 16% in May and slightly dipped to 14% in June.

Threat Actors

75% of respondents reported that they did not know who attacked them or why. Of the respondents who claimed to know, 59% said it was a competitor who attacked them. Another 21% said the DDoS attack was carried out by a disgruntled customer or user, and another 17% said the attacks were carried out by state-level or state-sponsored actors. The remaining 3% reported it was a self-inflicted DDoS attack.

Most Attacked Countries and Regions

In the second quarter of 2024, China was ranked as the most attacked country in the world, followed by Turkey, Singapore, Hong Kong, Russia, Brazil, and Thailand.

Most Attacked Industries

The Information Technology & Services industry was ranked as the most targeted industry in the second quarter of 2024, followed by the Telecommunications and Service Providers sector and the Consumer Goods industry.

Largest Sources of DDoS Attacks

Argentina was ranked as the largest source of DDoS attacks in the second quarter of 2024, followed by Indonesia and the Netherlands.
DDoS Attack Vectors and Characteristics
DNS-based DDoS attacks remained the most common attack vector, followed by SYN floods and RST floods, both types of TCP-based DDoS attacks.

Conclusion

The threat from DDoS attacks continues to increase as threat actors use increasingly sophisticated methods. Businesses must continually evolve and adapt to protect their IT infrastructure and ensure the integrity of their systems.
This analysis highlights the importance of staying up-to-date with the latest technology and implementing robust security measures. Visit our website to learn more about our defense mechanisms and security solutions.