Cloudflare, Inc., an internet security, performance, and reliability company, has released its Q3 2024 DDoS report, providing critical insights into the evolving DDoS threat landscape observed across its expansive global network. The report highlights a dramatic increase in DDoS attacks, with significant implications for businesses worldwide.
Key Findings
– Dramatic Increase in Attacks: In Q3 2024, Cloudflare mitigated nearly 6 million DDoS attacks, marking a 49% quarter-over-quarter (QoQ) increase and a staggering 55% year-over-year (YoY) surge.
– Hyper-Volumetric Attacks: Among these attacks, over 200 were classified as hyper-volumetric, exceeding 3 terabits per second (Tbps) and 2 billion packets per second (Bpps). The largest attack peaked at 4.2 Tbps, lasting only one minute.
– Targeted Industries and Regions: The Banking & Financial Services sector experienced the most attacks, with China identified as the top-targeted country. Conversely, Indonesia emerged as the largest source of DDoS attacks globally.
Detailed Insights on DDoS Campaigns
In total, Cloudflare has mitigated approximately 14.5 million DDoS attacks year-to-date, averaging around 2,200 attacks every hour. The report shows that 90% of DDoS attacks were short-lived, though there was a slight uptick in attacks lasting over an hour, accounting for 3% of the total.
Attack Types and Vectors
The report indicates an even split between HTTP (application layer) and network-layer DDoS attacks, with the latter seeing a 51% increase QoQ. Notably, SYN flood attacks were the most prevalent among network-layer attacks. Additionally, 72% of HTTP DDoS traffic originated from known botnets, highlighting the need for robust mitigation strategies.
User Agents and Attack Targets
A striking 80% of HTTP DDoS attack traffic impersonated the Google Chrome browser, specifically versions 118 to 121.
Top Locations and Industries Targeted:
– Most Attacked Regions: China led as the most attacked country, followed by the United Arab Emirates and Hong Kong.
– Industries at Risk: The Banking & Financial Services industry faced the highest volume of attacks, with IT & Services and Telecommunications also significantly affected.
Conclusion and Recommendations
The report underscores the alarming rise in hyper-volumetric DDoS attacks, which pose serious risks, especially for organizations relying on cloud services. Cloudflare’s VP for the Middle East and Türkiye, Bashar Bashaireh, emphasized the importance of proactive security strategies, stating, “Businesses with comprehensive security plans are far more resilient against these threats.”
As DDoS attacks become more sophisticated, organizations must prioritize robust security measures to safeguard their internet presence.