Since 2021, distributed denial of service (DDoS) attacks have trended upwards, both in volume and frequency. Layer 7 DDoS attacks of at least 500,000 requests per second (RPS) increased 81% in the past year. In addition to greater frequency, attack sizes were larger in 2022 than in 2021. The largest attack in 2022 was 4.5X larger than the biggest attack in 2021. As the Imperva DDoS Threat Landscape Report mentions, application layer DDoS grew 3X between Q1 and Q2 2022, which highlights the speed at which DDoS attacks are increasing.
DDoS attacks, although frequent, are generally low volume, with the average DDoS attack reaching only 240,000 RPS. While large-volume attacks make up less than 1% of total DDoS, it’s interesting to analyze this segment of the data as a way to indicate where DDoS pioneers are heading with this attack method.
In the second half of 2021, there were an average of 2.2 large-volume DDoS attacks per month. In 2022, there was an average of 4 large-volume attacks per month, an 81% increase from 2021.
All attacks in 2021 were lower than 1 million RPS. However, the average for large-volume DDoS attacks in 2022 was 1.45 million RPS, and the largest attack detected in the past year reached 10 million RPS.
In 2021, large-volume attacks were evenly distributed between government, financial, and automotive sites. In 2022, large-volume attacks were more widespread, with automotive, computing, and telecommunications topping the charts. The US was the most frequently targeted country both years.
For cybercriminals, DDoS attacks have always been a valuable tool. The rise in geopolitical conflict in 2022 led to large increases in hacktivism DDoS attacks. For example, Ukraine experienced a nearly 660% increase in attacks this year. As consumers are increasingly reliant on online services, cybercriminals have a lucrative incentive to disrupt or control these services. Botnets are common, and can be relatively cheap to use. Hackers can target a site for extortion or blackmail with a fairly low barrier to entry, and achieve successful results.
Large-volume attacks can be created by botnets with hundreds of thousands of infected devices. They can also be executed with a relatively small volume of botnets that rely on techniques such as pipelining and multiplexing to enhance the attack and remain undetected.
In 2023, we can assume that the trend of large-scale DDoS attacks will continue. Based on current data, we could see a rise in both volume and frequency of attacks, reaching new records.
Now more than ever, it’s important to have a solid security plan to keep your digital assets available and secured. Imperva DDoS protection protects your sites against attacks, with a 3-second SLA.
Try Imperva for Free
Protect your business for 30 days on Imperva.