According to figures from Cloudflare, DDoS attacks will become significantly more common in 2024 and will also increase in size and complexity.

In the first half of 2024, Cloudflare stopped 8.5 million DDoS attacks, including 4 million in the second quarter. Although the number of attacks in the second quarter decreased by 11 percent compared to the first quarter, there was a 20 percent increase year-on-year. Cloudflare blocked a total of 57 petabytes of DDoS traffic at the network level, several times the size of Netflix’s entire catalog.

Increasingly sophisticated

Quality and quantity rarely go hand in hand, but the report shows that attackers are becoming more sophisticated. Cloudflare’s systems generated nearly 19 million “fingerprints” to identify and stop attacks, indicating a significant increase in complexity. This sophistication is attributed to the rise of generative AI and automated systems that make it easier for cybercriminals to create sophisticated attack code.

The motives behind the attacks do not differ significantly from classic hacks. In May, 16 percent of victims said that the perpetrators had demanded a ransom from them, the highest percentage in twelve months. Seventeen percent suspected that the attacks were carried out by states or state-sponsored groups. 59 percent blamed a business competitor. In three out of four attacks, the victims do not know who is behind them.

Countries and sectors most affected

China was the country most affected by DDoS attacks in Q2 2024, followed by Turkey and Singapore. Not a single European country makes it into the top 15. The Netherlands seems to be a popular location for DDoS attacks, with only Argentina and Indonesia recording higher activity. The IT sector turned out to be the most attacked market, followed by the food and beverage and telecommunications sectors in second and third place.

Although most DDoS attacks are small and short-lived, they can cause significant disruption to services that are not properly prepared. A common technique is to simply “overload” the victim’s servers with requests.

French cloud provider OVHCloud recently reported a record-breaking DDoS attack. At peak times, attack waves reached up to 840 million requests per second at a bitrate of 2.5 Tbit/s.