Blog

Jaw-Dropping DDoS Statistics to Keep in Mind for 2019

Last updated on

Distributed denial of service (DDoS) attacks are a major threat to the hosting industry.

Here’s the thing:

In a DDoS attack, multiple machines come together to target a single host. DDoS allows for a shocking number of requests to be sent to the host, thus supercharging the attack.

What’s more, it makes it difficult for the host to identify and protect itself from the true source of the attack.

Meanwhile, legitimate users can’t access information systems, devices, or other network resources.

That’s really bad news for hosts and their clients. That’s also a main security feature many of the best web hosting providers rightfuly take are proud of: mitigating a DDoS without any interruption in service is not a simple feat.

DDoS attacks are relatively easy to instigate and exrtemely difficult to mitigate.

Fascinating DDoS Statistics

  • The frequency of DDoS attacks increased more than 2.5 times between 2014 and 2017.
  • The cost of a DDoS attack averages between $20,000-$40,000 per hour.
  • The total number of attacks of this type globally will reach 17 million by 2020.
  • The average size of DDoS attacks was at the mindblowing 26.37 GBps in Q2 2018.
  • In the US, DDoS attacks are a federal crime under the Computer Fraud and Abuse Act – with penalties that include imprisonment.

DDoS Attack Statistics

The sheer size of the most recent instances of distributed-denial-of-service attacks are stupefying.

1. The average DDoS attack size in Q2 2018 was 26.37 Gbps.

(Source: Bleeping Computer)

NexusGuard reported attackers amassing giant botnets using insecure IoT devices.

2. The biggest DDoS to date, which occurred on March 5, 2018, was a 1.7TBps reflection/amplification attack.

(Source: Ars Technica)

This is one of the most incredible DDoS attacks stats you’re likely to come across. The attack targeted an unnamed customer of a US-based service provider. However, it was unsuccessful! How about that!

3. The cost of a DDoS attack averages between $20,000-$40,000 per hour.

(Source: Cox BLUE)

That figure can even go up to $50,000! That’s roughly what the average American earns in a year.

4. The total cost of DDoS attacks in the UK alone could reach £1bn ($1.3 billion) in 2019.

(Source: techradar)

What’s more, DDoS tats show a whopping 91% of UK businesses have suffered outages after a successful DDoS attack.

Dynamics of DDoS Attacks

Large botnets are take time to coordinate but can keep going for quite some time.

5. The longest attack in 2018 lasted 329 hours.

(Source: Kaspersky Lab)

That’s nearly two weeks!

6. The average attack duration in Q4 2018 was 218 minutes.

(Source: Kaspersky Lab)

This showed a massive increase from just 95 minutes in Q1.

7. The largest number of attacks in Q4 2018 took place on October 16 and 18, and December 4.

(Source: Kaspersky Lab)

This stat is for those interested in the frequency of a distributed denial of service (DDoS) attacks. In contrast, December 27 witnessed the fewest attacks out of the whole quarter.

DDoS Demographics

The majority of DDoS attacks originate in China and stay there.

8. China was the leading offender in terms of DDoS attacks in Q4 2018 – it was responsible for 50.43% of all attacks.

(Source: Kaspersky Lab)

DDoS growth trends show the US was second with 24.90%, while Australia came third with 4.5%.

9. China was also the most targeted country in the world in Q4 2018 with 43.26% of all attacks.

(Source: Kaspersky Lab)

Once again, the US was second with 29.14%, and Australia came third with 5.91%.

10. GitHub (February 2018), Dyn (October 2016), BBC (December 2015), Spamhaus (March 2013), Bank of America/JP Morgan Chase/US Bancorp/Citigroup/PNC Bank (December 2012) are some of the biggest companies targeted by DDoS attacks in recent years.

(Source: vXchnge)

Those are some fascinating DDoS facts. At the time, the attack on GitHub was the largest ever recorded (1.3 TBps).

There’s something even crazier here, though:

The attack only took GitHub’s systems down for about 20 minutes.

Impressive DDoS Trends

Certain trends emerge when reading the statistical data carefully enough.

11. In 2018, there was 13% less DDoS activity compared to 2017.

(Source: Kaspersky Lab)

This is one of the rather surprising growth trends when it comes to DDoS attacks. As in, this time the “growth” is in the negative.

What’s more:

The number of attacks dropped for each corresponding quarter apart from Q3.

12. UDP flooding was the most common type of attack in Q4 2018 with 19.7% of all attacks.

(Source: Kaspersky Lab)

This figure showed a steady increase compared to Q3, when only 11.9% of all attacks were of this type.

13. HTTP misuse was the second most common attack type in Q4 2018 with 6.4%.

(Source: Kaspersky Lab)

DDoS risk statistics showed an increase from 3.2% in Q3. However, mixed attacks made up the overwhelming majority in both quarters, with 72% in Q4 and 83.2% in Q3.

14. Together, DoS and DDoS attacks are the most common type of cyber attacks.

(Source: Newrix)

According to DoS statistics, they’re followed by MitM (Man-in-the-Middle), phishing and spear phishing attacks, drive-by attacks, and finally – password attacks round up the top 5.

DDoS Attack Tools

It’s hard to say which is the most widely used tool. Let’s take a quick peek at two of the main contenders:

15. In 2019, LOIC (Low Orbit Ion Canon) is one of the most popular free DDoS attack tools.

(Source: INFOSEC)

LOIC, which sends UDP, TCP, or HTTP requests to the victim server, is most commonly used for DoS attacks. However, it also has a HIVEMIND mode that enables DDoS attacks by allowing the attacker to control remote LOIC-enabled systems.

Interesting fact: Hacker group Anonymous has used LOIC to carry out attacks against many big companies’ networks during the recent rise of DDoS attacks.

16. In 2019, HULK (Http Unbearable Load King) is another extremely popular DDoS attack tool.

(Source: Software Testing Help)

This tool, originally created for research purposes, can bypass the cache engine and generate a large amount of obscure and unique traffic.

DDoS Attack Techniques

DDoS attacks grow in complexity and scale, but the rise of IoT ensures that botnets remain the main strategy.

17. Botnets: Most botnet-based attacks in Q4 2018 took place in October.

(Source: Kaspersky Lab)

A botnet is a number of internet-connected devices, which runs one or more bots. Activity tended to rise mid-week and decrease towards the end.

18. Memcached played an important part in the aforementioned GitHub attack from February 2018.

(Source: Kaspersky Lab)

This is one of the key factors that determine the global state of DDoS attack trends. Memcached servers are a logical target for this type of attacks – which is why they end up on the receiving end of quite a few.

DDoS Defense Techniques

These are some of the most popular defense tools:

19. Cloudfare layer 3 (the Network layer) and 4 (the Transport layer) protection can absorb an attack even before it reaches the server. What’s more, layer 7 (the Application layer) protection can differentiate between well-intentioned and malicious traffic.

(Source: CBR)

Fun Fact: If you study DDoS-protection statistics, you’ll find that the Eurovision Song Contest uses Cloudfare.

20. F5 Networks offer DDoS protection across levels 3 to 7 onsite, in the cloud, or through a combination of the two.

(Source: CBR)

What’s more, it offers 24/7 support.

And here are some of the most effective DDoS attack prevention techniques:

21. Developing a denial of service response plan based on a thorough security assessment.

(Source: phoenixNAP)

The necessary steps are:

  • Creating a systems checklist
  • Forming a response team
  • Defining notification and escalation procedures
  • Creating a list of contacts to be notified in case of attack

22. Securing your network infrastructure by utilizing firewalls, VPN, anti-spam, content filtering, load balancing, and other layers of DDoS defense techniques.

(Source: phoenixNAP)

Denial of Service stats are clear:

You need to take multiple layers of precaution to protect yourself from these kinds of attacks.

23. Practicing basic network security.

(Source: phoenixNAP)

Using complex passwords and changing them on a regular basis, and utilizing anti-phishing methods are some secure practices.

Symptoms of DDoS Attacks

Some DDoS symptoms are:

  • Slow access to local and remote files
  • Long-term inability to access a specific website
  • Loss of internet connection
  • An excessive amount of spam emails

(Source: Norton)

Losses from DDoS Attacks

Like most forms of cybercrime, DDoS attacks are damaging. In case of website hosting, a continuous DDoS can bring clusters of sites down. If timed well – say, around Black Friday – it could be devastating for the bottom line of the affected sites.

24. In 2018, 20% of companies with 50 employees or more reported they have been the victim of at least one DDoS attack.

(Source: Kaspersky Lab)

According to the latest DDoS attack trends, the three industries most likely to suffer such attacks are telecoms, IT, and financial services.

25. In 2018, 50% of DDoS attacks led to a serious disruption of services.

(Source: Kaspersky Lab)

What’s more, 24% of attacks led to services being completely unavailable for some time.

26. 12% of businesses are confident that a DDoS attack was initiated by their competition.

(Source: Kaspersky Lab)

Some companies will do anything to get ahead in the business world – even resort to foul play!

27. In 2018, 7% of businesses reported attacks that lasted for a week.

(Source: Kaspersky Lab)

These longer DDoS attacks resulted in a severe impediment of services. This is one of the stats behind the steady increase in the size of the market for DDoS protection and mitigation services.

28. Large companies lose $417,000 on average as a result of a DoS attack.

(Source: Kaspersky Lab)

For comparison, small and mid-sized businesses lose an average of $53,000.

Vulnerable Software and Content Management Systems

Even though a lot of the successful cyber crimes can br attributed to human error, DDoS usually exploits system vulnerabilities.

29. During one of the worst WordPress security breaches in 2014, over 18 million users were affected.

(Source: ASTRA)

With WordPress.com being so popular, you’d expect such a breach to affect millions.

What’s more, 73% of WordPress-based websites have vulnerabilities that can be exploited.

30. In the first half of 2018, DDoS attacks against Drupal websites peaked on April 29.

(Source: NSFOCUS)

Most of the websites targeted were in Europe and the Americas.

Famous Hackers and Their Victims

It’s hard to believe at first, but DDoS statistics reveal some of the most famous attackers are teenage boys:

31. In 2000, a 15-year-old American high-school hacker known as “Mafiaboy” (real name Michael Calce) carried out a successful DDoS attack, which took down several major websites – including CNN, Dell, E-Trade, eBay, and Yahoo.

(Source: Cloudfare)

How did he do it?

He hacked into the networks of several universities and made use of their servers. Back then, Yahoo was still the largest search engine in the world.

32. In 2013, a British teenage hacker-for-hire carried out the largest ever DDoS attack at the time against The Spamhaus Project – an organization that helps combat spam emails and spam-related activity across the world.

(Source: Cloudfare)

This is one of the more ironic DDoS attack statistics, isn’t it? The attacker drove traffic to Spamhaus at a rate of 300 GBps.

33. On July 4, 2009 (Independence Day in the US), 27 websites of the White House, Federal Trade Commission, Department of Transportation, and Department of the Treasury were subject to a DDoS attack.

(Source: Procedia Computer Science)

Other famous victims include MasterCard, PayPal, and Visa.

DDoS Attacks on Mobile Apps

Mobile traffic is only growing, and so are the attacks against cell phone users and apps.

34. 80% of banking and e-commerce mobile apps are vulnerable to DDoS attacks.

(Source: appknox)

This one of the most extraordinary DDoS statistics. You’d think that apps involving money transactions should be the ones to have top-notch security. Apparently – not necessarily.

DDoS Attacks on Cloud

Cloud statistics show increased adoption rates but also growing security concerns.

35. 14% of all attacks on cloud are DDoS attacks.

(Source: Procedia Computer Science)

This makes DDoS one of the top nine threats to cloud computing.

Luckily, security options are available:

36. Over 99% of infrastructure layer attacks detected by AWS Shield Standard are automatically mitigated in less than 1 second for attacks on Amazon CloudFront.

(Source: AWS Shield)

That’s one of the most impressive DDoS mitigation stats you’re likely to come across. DDoS is a big deal and having the best protection for it offers a competitive advantage.

Legal Status of DDoS Attacks Around the World

DDoS should be punishable by law but, as is the case with many things from the tech world, this is not always the case.

37. In the US, DDoS attacks are a federal crime under the Computer Fraud and Abuse Act – with penalties that include imprisonment.

(Source: U.S.C. Title 18: CRIMES AND CRIMINAL PROCEDURE)

The Computer Crime and Intellectual Property Section of the Department of Justice is responsible for handling DDoS.

38. In the UK, DDoS attacks are illegal and carry a penalty of up to ten years in prison.

(Source: Computer Misuse Act 1990)

Her Majesty’s Government does not look kindly on cybercrime, and DDoS attacks are no exception. The sharp percentage increase in DDoS attacks in the early 2000s forced the government to amend the Act in 2006.

39. On December 15-16, 2015, law enforcement agencies from Bosnia and Herzegovina, Austria, Germany, and the UK joined forces with Europol in an operation against the cybercriminal group DD4BC (DDoS for Bitcoin).

(Source: Europol)

The action was part of a global law enforcement response against the criminal organization.

Conclusion

Like taxes and death, DDoS attacks are an inescapable fact of life. Arbor Networks registers more than 2000 DDoS daily attacks worldwide.

There’s even a Digital Attack Map tool, which allows you to see where in the world DDoS attacks are occurring in real time!

Here’s the bottom line:

If you’re in the hosting industry, understanding DDoS is the first step. After that, you can set up adequate defenses against these malicious attacks. These mind-blowing DDoS statistics and facts are as good a place to start as any.

 

References:

Leave a Comment