The global landscape of increasing digitization, political unrest and the emergence of widespread adoption of work-from-home have all contributed to an increase in DDoS attacks, which jumped 200% in H1 2023 compared to the full year 2022, according to Zayo’s annual Distributed Denial of Service (DDoS) Insights Report.
Key Findings in Brief:
Rapid Acceleration of Attacks: There was a 314% increase in overall attacks from the first half of 2022 to the first half of 2023. But that’s putting it lightly—in some industries, the growth was over 1,300%.
Q2 2023 Reached a Fever Pitch: As attackers continue to exploit the sophistication of AI and automation, there was a 387% increase in attack activity from Q1 to Q2 of this year alone.
Industries Under Fire:
Telecommunications companies were a prime target for attackers due to the critical role telecom providers play in providing communication and Internet services. The industry saw the most frequent attacks, accounting for roughly half of the total attack volume, with more than 37,000 attacks in the first half of 2023.
Education, which had the highest frequency of attacks in the first half of 2022, was just behind the telecommunications industry. Cloud and Software as a Service (SaaS) companies also saw a significant increase in the frequency of attacks from the first half of 2022 to the first half of 2023.
Retail, telecommunications and media companies experienced the largest attacks, with an average attack size of 3 Gbps across all three verticals, which is a large enough attack to take down one to two offices depending on the company size. The largest aggregate attack, against the telecom sector, was 978Gbps. Comparatively, in 2022, telecommunications and government experienced the largest attacks.
The government sector experienced the longest attacks of any sector, a change from healthcare in 2022. Across all industries, the average duration of attacks increased by 216% from Q1 to Q2, with the finance industry seeing the largest leap from 41 minutes to 108 minutes.
“When your business will get hit by a DDoS attack is a game of probability,” said Anna Claiborne, SVP of Packet and Product Software Engineering at Zayo. “With a huge rise in attacks in 2023 and more attacks over 100Gbps, the odds are not in your favor. While there are a myriad of statistics on the cost of remediating a DDoS attack, the long-tail loss of customer confidence after an attack is difficult to quantify and even more difficult to fix. Running any business on the Internet without DDoS protection is a risk, and you have to ask yourself if it’s one worth taking.”