Gcore, the global provider of edge AI, cloud, network, and security solutions has released its Q3-Q4 2024 Radar report on DDoS attack trends.
The findings highlight a dramatic surge in the scale and impact of DDoS attacks, which have reached unprecedented levels this year. Businesses must take swift action to safeguard against this growing threat.
The report reveals a sharp increase in both the frequency and intensity of attacks, with their magnitude now measured in terabits per second (Tbps).
Key Highlights from Q3-Q4 2024
- Compared to Q3–Q4 2023, the number of DDoS attacks has surged by 56%, indicating a steep and sustained growth trend.
- The gaming industry remains the primary target, accounting for 34% of all attacks.
- Meanwhile, the financial services sector saw a sharp rise, making up 26% of attacks in Q3–Q4 2024—more than doubling from 12% in the previous period.
- DDoS activity also increased by 17% compared to Q1–Q2 2024.
- The largest recorded attack peaked at 2Tbps in Q3–Q4 2024, marking an 18% rise from the first half of the year.
- While DDoS attacks are becoming shorter in duration, they are growing significantly more powerful.
Attackers are Shifting Their Focus
The sectors that were targeted in Q3-Q4 2024 reflect a changing focus among DDoS attackers. The technology industry has seen a steady increase in its share of DDoS attacks, increasing from 7% to 19% since Q3-Q4 2023.
This is because DDoS attackers recognise the wide-reaching disruption potential of attacking technology services. A single successful attack can take out a service that countless organizations depend on – causing significant harm to people and businesses.
Another reason that technology platforms have seen an increase in DDoS attacks is due to their vast computational power, which malicious actors can exploit to intensify their attacks.
The gaming industry continues to be the most-attacked industry, although there were 31% fewer attacks compared with Q1-Q2 2024. The decline in attacks may be attributed to several factors.
For instance, gaming companies are strengthening their DDoS defenses in response to ongoing attacks, which may result in fewer successful attacks.
Another explanation is that attackers may be shifting their focus towards other high-value sectors, such as financial services, which saw a 117% increase in the number of attacks.
The sector’s critical online services and susceptibility to ransom-based attacks make it a prime target.
Andrey Slastenov, Head of Security at Gcore, commented: “The latest Gcore Radar should be a wake-up call to businesses across all industries.
Not only is the number and intensity of attacks increasing, but attackers are expanding the scope of their attacks to reach an increasingly wide range of sectors.
Businesses must invest in robust DDoS detection, mitigation, and protection to prevent the financial and reputational impact of an attack.
The Geographical Distribution of DDoS Attacks
With a presence that spans six continents, Gcore can accurately track the geographical sources of DDoS attacks.
Gcore derives these insights from the attackers’ IP addresses and the geographic locations of the data centers where malicious traffic is targeted.
Gcore’s findings have highlighted the Netherlands as a key source of attacks; leading application-layer attacks with 21% and ranking second for network-layer attacks at 18%.
The U.S. ranked highly across both layers, reflecting its vast internet infrastructure for hackers to exploit.
Brazil featured prominently in network-layer attacks at 14%. Brazil’s growing digital economy and connectivity make it an emerging source of attacks.
China and Indonesia also featured prominently, with Indonesia showing a growth in application-layer attacks at 8%, which reflects a broader trend of increased attack activity in Southeast Asia.
Short But Potent Attacks Continue to Take Hold
DDoS attacks are becoming shorter in duration, but no less disruptive. The longest DDoS attack duration during Q3-Q4 2024 was five hours, which is a significant decrease from 16 hours in the first half of the year.
This is reflective of an increasing trend towards shorter but more intense attacks. These ‘burst attacks’ can be more difficult to detect as they may blend in with normal traffic spikes.
The delay in detection gives attackers a window of opportunity to disrupt services before cyber defenses can kick in.
The trend of shorter DDoS attack durations can in part be attributed to improvements in cybersecurity. As security tightens, attackers have learned to adapt with short burst attacks designed to bypass defenses.
A short DDoS attack can also double as a smokescreen to conceal a secondary attack, such as ransomware deployment.
To access the full report, users can visit GCore.
About Gcore
Gcore is a global edge AI, cloud, network, and security solutions provider. Headquartered in Luxembourg, with a team of 600 operating from ten offices worldwide, Gcore provides solutions to global leaders in numerous industries.
Gcore manages its global IT infrastructure across six continents, with one of the best network performances in Europe, Africa, and LATAM due to the average response time of 30 ms worldwide.
Gcore’s network consists of 180 points of presence worldwide in reliable Tier IV and Tier III data centers, with a total network capacity exceeding 200 Tbps.
