The Global DDoS Threat Landscape – November 2022

Every month in this space, we will post the Global DDoS Threat Landscape blog on behalf of the Imperva Threat Research team. As DDoS attacks continue to pose a significant risk to businesses, it is critical that we regularly communicate our Threat Research team’s findings to help the cybersecurity community stay prepared for the next DDoS attack.  

Report highlights

• The largest Layer 7 DDoS attack Imperva mitigated in October targeted an account in China. The attack lasted nine minutes and measured 1.09 million requests per second (RPS). 
• The largest Layer 3 or 4 attacks Imperva mitigated in October was an attack on an industrial goods 7 services company measuring 1196 Gigabits per second (Gbps) at its peak. The attack lasted thirty-six minutes and 12 seconds.  
• The largest attack by total Million packets per second (Mpps) targeted a Sporting Goods company. The attack measured 591 Mpps at its peak and lasted just under twenty-four hours. 
• Layer 7 DDoS attacks on targets in Ukraine and Russia were down in comparison to previous months.

Geographical and political DDoS Threat Landscape 

• Layer 7 DDoS attacks on Russian sites were down again this month, with a drop of 47% from September. 
• Similarly, Layer 7 DDoS attacks on Ukrainian sites were down by 26% from September to October.

The most impacted industries in Ukraine were Business sites, which were targeted almost twice as often in September as they were in October. The total no of L7 DDoS attacks on websites in Ukraine within the Business sector fell by 39%.

Layer 7 DDoS attacks on Financial Services targets in Russia dropped by 43% from September to October.

The top countries for Layer 7 DDoS attacks on Ukrainian targets were Germany, Ukraine, the UK, Japan, and Singapore. Over 10% of layer 7 DDoS attacks were domestic, originating in Ukraine.

Application Layer DDoS Attacks

Layer 7 DDoS attacks fell again in Oct, with a drop of 12% since September. October saw the lowest number of layer 7 DDoS attacks since July.

In the United States, more than 76% of all Layer 7 DDoS attacks originated within the US, followed by Germany and The Netherlands.

The United States dominated the countries targeted by application DDoS attacks in October, accounting for more than 55% of the attacks.

Application Layer DDoS attacks by industry

• Layer 7 DDoS attacks on financial services targets were down by 37% in October vs the previous month.
  
• Attacks on the online gaming industry more than doubled from September to October but were still only half of the number of attacks seen targeting this industry in April and August.
  
• In the UK, Layer 7 DDoS attacks on the Computing & IT sector increased by 56% from September to October.
  
• In Australia the number of Layer 7 attacks targeting the retail sector doubled between July and October.
• Financial Services remained the most targeted industry for Layer 7 DDoS attacks in October, accounting for over 20% of all attacks.
  

Network Layer DDoS Attacks

• The number of Layer 3 and 4 DDoS attacks fell 15% from September to October.

Attack vectors

• More than 70% of Layer 3 and 4 attacks in September consisted of a single vector. 23% of attacks were made up of two or three vectors, with only 6.7% having four or more vectors. This shows that the majority of attacks in October were not sophisticated high-level attacks.

Attack duration

• More than 77% of all Layer 3 and 4 attacks in September lasted 30 minutes or less, with almost 50% lasting less than seven minutes. 15% of all Layers 3 and 4 DDoS attacks lasted more than one hour.

Contact us today to learn more or arrange a free trial of Imperva DDoS protection for websites 

Imperva protects network infrastructure against Layers 3 and 4 DDoS attacks. 

Learn more about Imperva DDoS Protection for Networks or you can request a demo of the solution in action.