Malicious DDoS attacks up by 150 percent

In 2022, the number of DDoS attacks grew 150 percent globally compared to the previous year, while the number of attacks in the Americas rose even faster, increasing 212 percent compared to 2021.

These figures are from the 2022 Global Threat Analysis Report released today by Radware which also shows the frequency of DDoS attacks saw a significant uptick. Globally, organizations mitigated an average of 29.3 attacks per day during the fourth quarter of 2022, 3.5 times more compared to 8.4 attacks per day at the end of 2021.

The total global attack volume recorded in 2022 was 4.44PB, an increase of 32 percent compared to 2021, the Americas faced the heftiest increase, growing 110 percent compared to 2021. While EMEA beat the Americas in frequency of attacks, it saw total attack volume decline in 2022, decreasing by 44 percent compared to the previous year. Globally, the largest recorded attack in 2022 was 1.46Tbps, 2.8 times larger than the largest recorded in 2021.

"'More' is the operative word for the global threat landscape in 2022. Compared to 2021, there were not only more DDoS attacks in terms of sheer number, but they were also more powerful, frequent and complex, spanning more attack vectors," says Pascal Geenens, director of threat intelligence for Radware. "The surge can be attributed in part to digitalization, the war in Ukraine, and a long-tail of new vulnerabilities and exposed services driven by work-from-home remote access during Covid. The ongoing tensions between major world powers have also led to a rise in state-sponsored cyberattacks and espionage activities."

DDoS attacks have continued to increase in complexity too. Attackers typically leverage multiple and dissimilar vectors to increase the impact and make attack mitigation harder. On a global basis in 2022, attacks above 1Gbps on average had more than two dissimilar attack vectors per attack, which doubled in complexity for attacks above 10Gbps. Attacks above 100Gbps had on average more than nine dissimilar attack vectors with the most complex attacks leveraging 38 dissimilar vectors.

On a global basis, finance was the most attacked industry, with 53 percent of the overall attack activity, followed by technology (20 percent) and healthcare (11 percent). On geographic distribution, finance and technology are still among the industries bearing the brunt of the DDoS activity. In America, finance represents 32 percent of the attack activity, followed by healthcare (24 percent) and technology (17 percent). In EMEA, finance (71 percent) also tops the list as the most-attacked industry, followed by technology (16 percent) and government (four percent).

The full report is available from the Radware site.

Image credit: stevanovcigor/depositphotos.com