Gcore, an international cloud and edge solutions provider, has revealed the findings of its quarterly Gcore Radar report which provides insights into the current state of the DDoS protection market and cybersecurity trends. The report finds that as entered 2023, the cybersecurity landscape witnessed an increase in sophisticated, high-volume attacks.
Key highlights from Q1–Q2
- The maximum attack power rose from 600 to 800 Gbps.
- UDP flood attacks were most common and amounted to 52% of total attacks, while SYN floods accounted for 24%. In third place was TCP flood.
- The most-attacked business sectors are gaming, telecom, and financial.
- The longest attack duration in Q2/Q3 was seven days, 16 hours, and 22 minutes.
- Most attacks lasted less than four hours.
High-volume attacks: an escalating threat
There has been a significant increase in the power and volume of DDoS attacks over the last two years:
- In 2021, the capacity of DDoS attacks was up to 300 Gbps.
- In 2022, the attack capacity was about 650 Gbps.
In Q1–Q2 of 2023, see a capacity of about 800 Gbps.
Illustration of attack rising from 300 Gbps in 2021 and 650 Gbps in 2022 to 800 Gbps in 2023 |
The alarming 50–100% annual increase in DDoS attack volume highlights the growing sophistication of cyber attackers and their utilisation of increasingly powerful tools. This means that businesses need to invest in DDoS mitigation strategies and solutions to protect their networks, systems, and customer data. Failure to address these evolving threats can result in costly disruptions, reputational damage, loss of customer trust, and security breaches.
DDoS attack techniques
According to Gcore’s statistics, in Q1–Q2 of 2023:
- UDP flood became more popular among attackers and is the most common method.
- SYN flood is in second place.
- In third place is TCP flood.
- All other techniques combined accounted for just 5% of attack types.
Attack types illustrated: 52% - UDP, 24% - SYN flood, 19% - TCP flood, 5% - other traffic |
Author's quote
There has been an increase in the frequency of complex, multi-vector attacks"
According to Andrey Slastenov, Head of Security Department at Gcore: “There has been an increase in the frequency of complex, multi-vector attacks. Attackers are now employing adaptive strategies, such as combining high-volume UDP attacks with a massive number of TCP packets, and shifting from targeting the application layer with a large amount of traffic to using a high volume of small packets."
He adds, "These changes in tactics indicate a deliberate effort to intensify the DDoS assault by overwhelming the network infrastructure and potentially bypassing mitigation measures. The ultimate goal is to maximise the impact of the attack and disrupt services.”
DDoS attacks by the business sector
DDoS attacks across different business sectors have revealed specific trends and impacts. According to Gcore’s report, gaming, telecom, and financial industries were the most attacked sectors in Q1–Q2 of 2023.
Attack types illustrated: 30.1% - gaming, 24.7% - telecom, 16.8% - financial, 28.4% - other |
The Gcore Radar report offers readers an understanding of the evolving threat landscape and highlights the measures required to protect against attacks effectively. It serves as an insight for businesses and individuals seeking to stay informed about the latest developments in cybersecurity.