Cloudflare has noticed a sharp increase in DDoS attacks in the third quarter of 2024. The company said it was able to fend off almost six million attacks.

Cloudflare publishes a quarterly report on DDoS attacks. The trend has been consistent for several quarters in a row: DDoS attacks are increasing, both in number and size. In the third quarter of 2024, DDoS had to intervene in six million DDoS attacks. According to Cloudflare, this is an increase of 49 percent quarter-on-quarter and 55 percent year-over-year.

Hypervolumetric

Cloudflare reported more than 200 hypervolumetric DDoS attacks in the third quarter of 2024. These attacks reached speeds of more than 3 terabits per second (Tbps) and two billion packets per second (Bpps). The largest attack peaked at 4.2 Tbps and lasted just a minute. The total number of attacks so far in 2024 is 14.5 million, an average of 2,200 attacks per hour.

The financial sector was the most common target of these attacks, followed by the IT services sector. In terms of geographical distribution, China was the most frequently attacked location, while Indonesia was the largest source of DDoS attacks. The United Arab Emirates, Hong Kong, Singapore and Germany were also among the hardest hit regions.

Half of the attacks detected in the third quarter were network-level DDoS attacks, which increased 51 percent compared to the previous quarter. HTTP attacks at the application layer increased by 61 percent. Hypervolumetric attacks that reach speeds of 1 Tbps or more pose a serious challenge, especially given their short but powerful impact. A slight increase was seen in seizures lasting more than an hour.

The main attack vectors at the network layer were SYN flood attacks, followed by DNS floods and UDP floods. At the application level, 72 percent of attacks were carried out by known botnets that were automatically mitigated by Cloudflare’s heuristics. Attacks using suspicious HTTP properties or through fake browsers accounted for 13 and 9 percent of attacks, respectively.

Increasing danger

Cloudflare highlights the increasing threat of hyper-volumetric DDoS attacks, which can damage internet resources at high peak speeds. Geopolitical tensions and advanced botnets are increasing the risk for a variety of organizations that increasingly need to protect themselves from these threats.

The report points out that a proactive approach and well-prepared security strategies are essential to remain prepared against these cyber threats. If you want to dive into the full report, you can read it here.