The Global DDoS Threat Landscape – September 2022

Every month in this space, we will post the State of the Global DDoS Threat Landscape blog on behalf of the Imperva Threat Research team. As DDoS attacks become more frequent, varied, and sophisticated, it is critical that we regularly communicate the Imperva Threat Research team’s findings and expert analysis to help the cybersecurity community stay prepared for the next DDoS attack.

Here are the highlights of this month’s findings and analysis:

• The Largest Layer 7 DDoS attack Imperva mitigated in August targeted a US telecoms company. The attack lasted four minutes and measured 1.8 million requests per second (RPS). The attack requests were distributed across a number of countries, with most of the requests originating from the United States, followed by the United Kingdom and India.

• The largest Layer 3 or 4 attack Imperva mitigated in August was an attack on a technology company measuring 856 Gigabits per second (Gbps) at its peak. The attack lasted almost three hours and 30 minutes.
• The largest attack by total Million packets per second (Mpps) was waged against the same technology company and measured 241 Mpps. This attack lasted more than six hours.

Geo-political Layer 7 (L7) Attacks Observed

• DDoS attacks on Ukrainian sites remained high throughout Q3, increasing by 137% between June and August.

• Layer 7 DDoS attacks on Russian sites were down by 44% between July to August, although numbers remained similar to Ukrainian attacks.
• Attacks on accounts in China increased five-fold from July to August.
• The most impacted industry in Ukraine was the Business sector with an 800%+ increase in Layer 7 DDoS attacks between June and August.

• Layer 7 DDoS attacks on Financial Services targets in Russia remained high from June through to August, with a 48% peak in July.

• For Ukraine, the top attacking countries for Layer 7 DDoS were the United States, the United Kingdom, and Germany; followed closely by Singapore and Canada.

Application Layer Attacks

• Layer 7 DDoS attacks increased by 12% from July to August.

• Layer 7 attacks on financial services organizations increased by 20% from July to August while attacks on business accounts increased by 10%. Attacks on Computing & IT and the Travel industry decreased by 28% and 64%, respectively, from July to August.
• The top 5 attacking countries for Layer 7 DDoS attacks in August 2022 were Hong Kong, the United States, Australia, Thailand, and China.
• The countries targeted most by Layer 7 DDoS attacks in August were the United States, France, Spain, Russia, and Ukraine.

• The five most attacked industries for Layer 7 DDoS attacks in August were:
  1. Financial Services
  2. Business
  3. Retail
  4. Computing & IT
  5. Law and Government

• 61% of Layer 7 DDoS attacks lasted six hours or more with 33% lasting more than 12 hours.

×

Nov 26 Upcoming Webinar

The True Cost of API Insecurity and Bot Attacks in 2024

Register Now

Network Layer Attacks

• The number of Layer 3 and 4 DDoS attacks almost doubled in August compared to July, with an increase of 86% in the number of attacks.

• The top five targeted countries layer 3 and 4 DDoS attacks in August were:

1. United States
2. Taiwan
3. Germany
4. Poland
5. Singapore

• 87% of Layer 3 and 4 attacks in August consisted of a single vector. 10% of attacks were made up of 2 or 3 vectors, with only 4% having 4 or more vectors.

• 84% of all Layer 3 and 4 attacks in August lasted 30 minutes or less, while 10% of attacks lasted over one hour.

To learn more or to book a free trial of Imperva DDoS protection for websites, contact us today. We also protect network infrastructure against Layers 3 and 4 DDoS attacks. Learn more about Imperva DDoS Protection for Networks or you can request a demo of the solution in action.