DDoS Attacks Surge, Gaming Industry Most Targeted

A new report from Gcore reveals a concerning surge in Distributed Denial-of-Service (DDoS) attacks, highlighting the evolving threat landscape and the increasing sophistication of malicious actors. The Gcore Radar’s report for Q3-Q4 2024 indicates a 56% increase in the number of DDoS attacks compared to the same period in 2023, signaling a significant long-term growth trend.

The gaming industry remains the primary target, accounting for 34% of all attacks. However, the financial services sector has experienced a dramatic increase, with attacks rising from 12% in the previous period to 26% in Q3-Q4 2024—a staggering 117% jump. This surge highlights how attackers are becoming more aware of the vital internet services provided by the financial industry and how vulnerable they are to ransomware assaults.

Overall, there was a 17% increase in the total number of attacks compared with Q1-Q2 2024. The largest attack peaked at 2Tbps, an 18% increase from the first half of the year, demonstrating the escalating intensity of these malicious campaigns.

Key Findings

Overall Increase: Total number of attacks up 17% compared to Q1-Q2 2024.
Financial Sector Surge: DDoS attacks on financial services jumped to 26%, a 117% increase.
Technology Industry at Risk: Attacks on technology services have risen from 7% to 19%.
Attack Intensity: The largest attack peaked at 2Tbps in Q3-Q4 2-24, an 18% increase from Q1-Q2 2024.
Shorter, More Powerful Attacks: Attack durations are decreasing. The longest attack lasts five hours, down from 16 hours in the first half of the year.
Geographical Sources: The Netherlands and the U.S. are key sources of attacks, with Brazil, China, and Indonesia also prominent.

Shifting Focus and Tactics

The report also highlights a shift in focus among DDoS attackers. While the gaming industry remains a consistent target, the technology industry has seen a steady increase in its share of DDoS attacks, climbing from 7% to 19% since Q3-Q4 2023. Since a single successful attack might affect several organizations that rely on these platforms, attackers are aware that attacking technological services has the potential to cause widespread disruption.

Furthermore, DDoS attacks are becoming shorter in duration but more powerful. The longest DDoS attack during Q3-Q4 2024 lasted five hours, a significant decrease from 16 hours in the first half of the year. This trend reflects the increasing use of “burst attacks,” which are more difficult to detect as they can blend in with normal traffic spikes. This delay in detection provides attackers with a window of opportunity to disrupt services before cyber defenses can be activated.

The trend of shorter DDoS attack durations can be attributed to improvements in cybersecurity measures. As security tightens, attackers have adapted by employing short-burst attacks designed to bypass defenses. Additionally, a short DDoS attack can serve as a smokescreen to conceal a secondary attack, such as ransomware deployment.

Geographical Distribution of Attacks

Gcore’s global presence allows it to accurately track the geographical sources of DDoS attacks, utilizing attackers’ IP addresses and the locations of targeted data centers. The Netherlands has emerged as a key source of attacks, leading application-layer attacks with 21% and ranking second for network-layer attacks at 18%. The U.S. also ranks highly across both layers, reflecting its vast internet infrastructure that hackers exploit.

Brazil featured prominently in network-layer attacks at 14%, with its growing digital economy and connectivity making it an emerging source of attacks. China and Indonesia also featured prominently, with Indonesia showing a growth in application-layer attacks at 8%, which reflects a broader trend of increased attack activity in Southeast Asia.

FAQs

1. What are the key findings of the Gcore Radar report for Q3-Q4 2024 regarding DDoS attacks?

The report highlights a 56% increase in DDoS attacks compared to Q3-Q4 2023. The gaming industry remains the most targeted, accounting for 34% of all attacks, but the financial sector saw a significant surge, almost 117%. Attacks are becoming shorter but more powerful, with the largest peaking at 2Tbps. The Netherlands and the U.S. are key sources of attacks.

2. Why is the technology industry increasingly targeted by DDoS attacks?

DDoS attackers recognize the wide-reaching disruption potential of attacking technology services. A successful attack can cripple a service that countless organizations depend on, causing significant harm. Technology platforms also possess vast computational power, which malicious actors exploit to intensify attacks.

3. Why are DDoS attacks becoming shorter in duration?

The trend of shorter DDoS attack durations can be attributed to improvements in cybersecurity. As security tightens, attackers have adapted with short burst attacks designed to bypass defenses. A short DDoS attack can also serve as a smokescreen to conceal a secondary attack, such as ransomware deployment.

Conclusion

The Gcore Radar report for Q3-Q4 2024 reveals a significant surge in DDoS attacks, with a 56% year-on-year increase, underscoring the escalating threat landscape. The gaming industry remains the most targeted, but the financial and technology sectors also face increased risks. The rise in shorter, more powerful attacks and shifting geographical sources highlights the need for businesses to invest in robust DDoS protection to mitigate potential financial and reputational damage.

To participate in our interviews, please write to our CyberTech Media Room at news@intentamplify.com

Tags: Cybersecurity, DDoS attack, Distributed Denial-of-Service, IP address, ransomware

CyberTech Staff Writer

CyberTech Staff Writer is a seasoned cybersecurity expert and analyst with a deep passion for safeguarding digital landscapes. With 20+ years of experience in the IT security and networking industry, they have honed their skills in identifying, assessing, and reporting cyber threats and best practices to salvage enterprises from disasters. Their expertise spans a wide range of areas, including cloud security, application security, ransomware assessment, threat intelligence, incident response, ZTNA and more. As a thought leader in the cybersecurity community, CyberTech Staff Writer is dedicated to sharing knowledge and insights to help organizations build robust defenses against evolving cyber threats.