New research from F5 Labs has found that DDoS (Distributed denial of service) attacks came back with a vengeance last year after several years of decline. F5 Labs’ 2024 DDoS Attack Trends report recorded 2,127 attacks in 2023, which is a 112% rise compared to 1,003 in 2022. Analysis of incidents recorded via the F5 Distributed Cloud platform – combined with insights from F5’s Security Incident Response and Threat Analytics and Reporting teams – also showed that organizations faced an average of 11 attacks in 2023.
The most targeted organization was subject to 187 separate attacks during the year, including the largest single attack recorded by F5 Labs. According to F5 Labs’ analysis, attack sizes remained high throughout 2023, staying consistently above 100Gbps, and many over 500Gbps. February was the outlier with the biggest attack of that month reaching less than 10Gbps.
“Clearly, the threat from DDoS attacks is constantly evolving, and as this report shows it is also growing. In a volatile environment, there can be no room for complacency. The early months of 2023 were defined by a major law enforcement operation undertaken by Europol and international partners in December 2022. They intervened to shut down servers responsible for much DDoS activity, including one that had facilitated 30 million attacks. The impact of this was substantial but short-lived. After a notably quiet February, by March we observed the largest recorded attack of the year, and over the course of 2023 we saw DDoS attacks bounce back to higher levels of activity than before,” said David Warburton, Director, F5 Labs.
The sharp rise in DDoS activity hit certain industries particularly hard in 2023. Software and computer services remained the most targeted and experienced more than twice the number of attacks in 2023 as the previous year. The sector was the target of 37% of all attacks, although they were relatively small in size, peaking with a 200Gbps attack in November.
The EMEA region as a whole endured 57% of all incidents in 2023, with incidents more than tripling compared to 2022. Throughout the year, there was a marked and consistent increase in both the quantity of attacks and their peak bandwidth. The mean peak-bandwidth saw a dramatic rise from 50 Mbps in January to 5 Gbps by December. The largest attack occurred in June, measuring just under 500 Gbps.