Andrey Slastenov, Head of Security at Gcore looks at the contributing factors behind a recent rise in DDoS attacks in 2024.

In the first half of 2024, DDoS (Distributed Denial of Service) attacks surged by an alarming 46% compared to the same period in 2023.

This sharp increase is accompanied by a significant rise in attack power, with peak levels being measured in terabits per second (Tbps) for the second consecutive half-year.

The new Gcore Radar report, a twice-yearly publication which monitors DDoS attack trends, underscores the growing threat landscape faced by various industries, particularly gaming and technology, which are becoming increasingly vulnerable to aggressive cyber-attacks.

The findings indicate that not only are DDoS attacks becoming more frequent, but their potency is also increasing, posing significant risks to businesses and service providers globally.

The tech sector is in the sights of attackers

The gaming industry continues to be the primary target for DDoS attacks, according to Gcore’s data, accounting for nearly half of all incidents reported in the first half of 2024.

The report notes a 3% increase in attacks on the gaming sector compared to the last two quarters of 2023.

These attacks are often perpetrated by competitors within the gaming community, seeking to disrupt opponents during tournaments or matches for a competitive edge.

Moreover, DDoS attacks on gaming services can have severe financial repercussions, as downtime directly impacts monetisation efforts.

The most significant increase, however, in attack frequency was observed in the technology sector, where the number of incidents more than doubled to 15%.

This surge reflects the growing attractiveness of technology companies as targets, particularly those hosting critical infrastructure that can disrupt business operations if compromised.

In addition, disrupting a technology provider can have a cascading effect, impacting multiple businesses and services simultaneously.

The technology sector was the second most-impacted by network-layer attacks, following gaming.

Rich rewards put financial services and e-commerce under threat

Financial services businesses were notably affected by application-layer attacks, which constituted 41% of all such incidents.

The Gcore Radar report attributes this to the sector’s low tolerance for downtime, the risk of penalties and the high potential for financial gain by attackers.

E-commerce was the second most targeted by application-layer attacks, at 28%, followed by media and entertainment at 13%.

These attacks not only cause immediate disruptions, but also have lasting impacts on brand reputation and customer trust.

The origins of threats are widely dispersed

Gcore utilises IP addresses of attackers to determine the country of origin for application-layer attacks and the location of data centres receiving attack packets for network-layer assaults.

This allows the company to see how widespread are the geographic locations from which attacks are launched.

The United States was the largest source of network-layer attacks in the first half of the year, followed by Germany, the Netherlands and Singapore.

This broad distribution underscores the global nature of the DDoS threat and the need for businesses to implement comprehensive, geographically dispersed defence mechanisms.

Attack vectors, power and duration

The increase in peak attack volumes that the Gcore Radar report highlighted in 2H 2023 has continued, rising from 1.6 Tbps to 1.7 Tbps.

This rise should be taken seriously by organisations, given that an attack of just 300 Gbps can take down an unprotected server in moments and cause huge consequences.

In terms of the vectors being used by bad actors, UDP floods remain the most prevalent attack vector at the network layers (L3–L4), followed by TCP and SYN floods. For application-layer attacks (L7), HTTP floods were the most common.

The report also highlights a trend of short, powerful attacks, with the majority lasting less than ten minutes.

However, these brief attacks can still cause significant disruption, leading to service abandonment by users and considerable reputational damage to the affected service providers.

The longest recorded attack in H1 2024 lasted 16 hours, illustrating the potential for sustained, high-impact disruptions.

A call to action – robust DDoS mitigation is essential

The DDoS attack landscape is becoming increasingly serious in terms of both the rise in attack numbers and the potency of attacks.

Six months ago, when we recorded that attack volumes were reaching the terabit range, we knew that this was a signal for all companies to double-down on their efforts to repel DDoS attacks.

Unfortunately, this is a trend that is moving in the wrong direction and businesses must assess why they are being targeted and what they can do to implement robust DDoS detection, mitigation and protection strategies to avoid disruption, downtime and revenue loss.

The Gcore Radar report is as an important resource for businesses and individuals aiming to stay informed about the latest developments in cybersecurity.

As the report shows, the threat landscape is not slowing down, and a proactive approach to defence is more critical than ever.

More Security News