Cloudflare reported a significant surge in Distributed Denial of Service (DDoS) attacks in the fourth quarter of 2024, with attack volumes and sophistication reaching new heights, according to its latest DDoS threat report.
The security and performance company said it mitigated approximately 21.3 million DDoS attacks throughout 2024, a 53 per cent increase compared to the previous year.
In Q4 alone, Cloudflare observed over 420 hyper-volumetric attacks exceeding 1 terabit per second (Tbps) and 1 billion packets per second (pps), with the number of attacks surpassing 1 Tbps skyrocketing by 1,885pc quarter-over-quarter.
During Halloween week, Cloudflare’s automated systems thwarted a record-breaking 5.6 Tbps DDoS attack, the largest ever reported.
Key trends revealed in the report include the dominance of botnets, responsible for 73pc of HTTP DDoS attacks, and the surprising prevalence of HTTPS in attacks, with 92pc of HTTP DDoS attack requests using the encrypted protocol despite only 6pc of legitimate traffic being unencrypted HTTP.
At the network layer, the most common attacks were SYN floods (38pc), DNS floods (16pc), and UDP floods (14pc), with Mirai botnet attacks showing a significant 131pc quarter-over-quarter increase.
A surge in hyper-volumetric attacks was observed, with attacks exceeding 1 Tbps and 100 million pps increasing dramatically, and 16pc of those over 100 million pps also surpassing 1 billion pps.
Most attacks, both HTTP and network layer, were small and short-lived, typically ending within 10 minutes.
Indonesia remained the top source of attacks, while China was the most frequently targeted country.
The telecommunications, service provider, and carriers industry was the most targeted sector, followed by the Internet and marketing/advertising industries.
Finally, Cloudflare noted a predictable Q4 resurgence in ransom DDoS attacks, with 12pc of targeted customers reporting ransom threats or extortion attempts, representing a 78pc quarter-over-quarter and 25pc year-over-year increase.
“Too many organisations only implement DDoS protection after suffering an attack,” said Cloudflare Middle East, Türkiye and North Africa vice-president Bashar Bashaireh. “Our observations show that organisations with proactive security strategies are more resilient. At Cloudflare, we invest in automated defences and a comprehensive security portfolio to provide proactive protection against both current and emerging threats. With our 321 Tbps network spanning 330 cities globally, we remain committed to providing unmetered and unlimited DDoS protection no matter the size, duration and quantity of the attacks.”
avinash@gdnmedia.bh
Follow us on LinkedIn - Gulf Daily News - GDN
&uuid=(email))