35 DDoS Assault Statistics that Give an explanation for Its Upward push in 2024



The purpose of a disbursed denial of provider (DDoS) assault is to crush a community or server sources with a view to power an interruption of labor. The use of malware, it reasons the community’s techniques to make loads of 1000’s, and even tens of millions, of requests consistent with 2nd. The server fails to answer every, triggering downtime. 

This downtime prices the group tens of millions of greenbacks in misplaced trade alternatives. The cash had to get well from DDoS provides to the continuing monetary losses. Suave companies undertake DDoS coverage tool to safeguard their networks. 

The statistics under discover the present state of DDoS. They communicate concerning the magnitude of assaults, period, prices, and different components. 

Best DDoS assault statistics

Under are some related statistics on DDoS assaults that exhibit what’s new and but to return with this type of cyber assault.

  • There have been 1.7 million HTTP DDoS assaults, 1.5 million DNS DDoS assaults, and 1.3 million L3/4 DDoS assaults in Q1 2024.
  • Information facilities in america ingested greater than 40% of L3/4 DDoS assaults in Q1 2024. Germany stays the second one biggest supply of equivalent assaults. Brazil, Singapore, Russia, South Korea, Hong Kong, United Kingdom, Netherlands, and Japan in combination account for the 3rd biggest supply of assaults.
  • Knowledge generation and web was once probably the most attacked trade in Africa and Europe, whilst advertising and marketing and promoting was once probably the most attacked trade in North The us in Q1 2024.


DDoS-for-hire marketplaces had been close down in 2023 through the Federal Bureau of Investigation (FBI).

Supply: KrebsonSecurity

  • The use of over 15 million inflamed IP addresses globally, Botnets are usual equipment for launching DDoS assaults. Even though different variants exist, Mirai malware regularly creates those botnets. A Mirai variant botnet stays chargeable for each and every 4 out of 100 HTTP DDoS assaults and two out of each and every 100 L3/4 DDoS assaults in 2024.
  • DNS-based DDoS assaults grew to 54% in Q1 2024, which is 80% upper than the ultimate 12 months. 
  • Jenkins Flood, DDoS assault vector, exploits Jenkins automation server vulnerabilities. It introduced 826% extra assaults QoQ in 2024. 

The upward thrust of DDoS

Danger actors have grown smarter and sneakier. Fashionable hackers conceal DDoS assaults as authentic site visitors, making them more difficult to hit upon. The stats under make it evident they’re on the upward push. 

Figuring out their expansion trajectory will let you reply in some way those larger magnitude assaults would think. 

  • In Q1 2024, the velocity of DDoS assaults escalated. HTTP DDoS assaults went up through 93% YoY. Community layer DDoS assaults went up through 28% YoY.
  • The common assault dimension higher through 233.33% in 2024.
  • A strategic shift is noticed within the nature of DDoS assaults, which means malicious brokers are actually aiming to release extra impactful attacks. The most important DDoS assault reached 700 Gbps, which was once 30.92% greater than 2023.
  • One out of each and every 10 HTTP DDoS assault focused america, adopted through China, Canada, Vietnam, Indonesia, Singapore, Hong Kong, Taiwan, Cyprus, and Germany.
  • China skilled probably the most choice of community layer DDoS assaults, which was once nearly 39% off all DDoS assaults in Q1` 2024. 
  • In Q1 2024, ransom DDoS assaults reduced through 22% QoQ.
  • HTTP DDoS assaults shot up through 51% in Q1 2024.
  • Software-layer DDoS assaults shot up through 5% from the former quarter.

Value of launching a DDoS assault vs. the price of coping with one

Launching a DDoS assault is amazingly cost-effective, however the monetary losses of improving from an assault are astronomical. The statistics under evaluate the financials of DDoS, each for attackers and goal sufferers. 

  • Attackers can hire on-line sources to release assaults for simply $5 consistent with hour. It’s notoriously reasonable for the attacker. 
  • On-line shops and small companies lose $ 8,000 to $74,000 for every hour of downtime. 
  • Each minute of downtime right through a DDoS assault prices $22,000.
  • Small or midsize companies would possibly spend $120,000 to get well from an assault.

Notable DDoS assaults on corporations

Some tech giants and respected corporations have suffered DDoS assaults regardless of having safety features set in position. Some had been in a position to offer protection to their belongings, others weren’t. Proceed studying to discover the magnitude of DDoS those corporations confronted within the fresh previous.

  • When GitHub was once attacked in February 2018, it peaked at 126.9 million packets consistent with 2nd. 
  • In February 2020, an Amazon Internet Products and services (AWS) buyer encountered an infinite DDoS assault that exploited a connectionless light-weight listing get entry to protocol (CLDAP) server. The assault despatched knowledge to the sufferer’s IP 50-70 instances greater than standard.
  • In November 2021, an impressive DDoS assault focused a Microsoft Azure consumer. The assault surged to a few.45 terabytes consistent with 2nd (Tbps) with a packet fee of 340 million packets consistent with 2nd. 
  • In Q1 2024, gaming and playing corporations noticed a 7.45% spike in utility layer assaults from the former quarter.
  • An Asian webhosting supplier skilled a community layer DDoS assault in Q1 2024, which reached 2 Tbps, whilst many different assaults exceeded the 1 terabit consistent with 2nd fee WoW. 

DDoS assault dimension and period statistics

DDoS assaults range in dimension and period, relying at the severity of the cyber assault. Some are available in waves, making them more difficult to hit upon. Others would possibly seem to forestall, handiest to renew once more. 

The period of a DDoS assault additionally has so much to do with a company’s safety posture. Fashionable assaults develop stronger and lasting on a daily basis. Let’s take a look at the why and the way in the back of it.

  • DDoS assaults can ultimate an afternoon or longer in response to severity.
  • A mean DDoS assault makes use of 5.17 gigabytes consistent with 2nd (Gbps). 
  • DDoS assaults harness 3-5 nodes on numerous networks to assault a goal sufferer. 
  • Large DDoS assaults can surpass 71 million requests consistent with 2nd. 
  • Friday is the day of selection for DDoS assaults. 15.36% of assaults took place on Fridays. Conversely, Thursday noticed the bottom choice of DDoS assaults (12.99%).
  • The common period of DDoS assaults was once 68 mins throughout industries in 2024.
  • The healthcare trade skilled a mean assault dimension of one.8 Gbps, which is very important as a result of the Russian Killnet DDoS assault that passed off previous in 2023.

Combat again

DDoS assaults are in a position and on the upward push. The stats above point out a rising danger for companies and people alike, however we will be able to offer protection to ourselves with complete cybersecurity measures. 

Behavior common safety audits and educate your other folks on very best safety practices. Delve into your cybersecurity technique for doable gaps. Shut them sooner than they put a hollow to your pocket. 

Be told extra about how you can prevent the malicious site visitors of a DDoS assault.

This newsletter was once in the beginning printed in 2023. It’s been up to date with new data.



Please enter your comment!
Please enter your name here