Gcore, an international cloud and edge solutions provider, has revealed the findings of its quarterly Gcore Radar report that provides insights into the current state of the DDoS protection market and cybersecurity trends.
The report finds that as we entered 2023, the cybersecurity landscape witnessed an increase in sophisticated, high-volume attacks.
Key Highlights from Q1–Q2
- The maximum attack power rose from 600 to 800 Gbps.
- UDP flood attacks were most common and amounted to 52 per cent of total attacks, while SYN flood accounted for 24 per cent. In third place was TCP flood.
- The most-attacked business sectors are gaming, telecom, and financial.
- The longest attack duration in Q2/Q3 was seven days, 16 hours, and 22 minutes.
- Most attacks lasted less than four hours.
High-Volume Attacks: An Escalating Threat
There has been a significant increase in the power and volume of DDoS attacks over the last two years:
- In 2021, the capacity of DDoS attacks was up to 300 Gbps.
- In 2022, the attack capacity was about 650 Gbps.
- In Q1–Q2 of 2023, we see a capacity of about 800 Gbps
The alarming 50–100 per cent annual increase in DDoS attack volume highlights the growing sophistication of cyber attackers and their utilisation of increasingly powerful tools. This means that businesses need to invest in DDoS mitigation strategies and solutions to protect their networks, systems, and customer data. Failure to address these evolving threats can result in costly disruptions, reputational damage, loss of customer trust, and security breaches.
DDoS Attack Techniques
According to Gcore’s statistics, in Q1–Q2 of 2023:
- UDP flood became more popular among attackers and is the most common method.
- SYN flood is in second place.
- In third place is TCP flood.
- All other techniques combined accounted for just 5 per cent of attack types.
ndrey Slastenov, Head of Security Department at Gcore, commented: “There has been an increase in the frequency of complex, multi-vector attacks. Attackers are now employing adaptive strategies, such as combining high-volume UDP attacks with a massive number of TCP packets, and shifting from targeting the application layer with a large amount of traffic to using a high volume of small packets. These changes in tactics indicate a deliberate effort to intensify the DDoS assault by overwhelming the network infrastructure and potentially bypassing mitigation measures. The ultimate goal is to maximize the impact of the attack and disrupt services.”
DDoS Attacks by Business Sector
DDoS attacks across different business sectors have revealed specific trends and impacts. According to Gcore’s report, gaming, telecom, and financial industries were the most attacked sectors in Q1–Q2 of 2023.