DDoS Statistics. PHOTO: Cybercrime Magazine.

The 15 Top DDoS Statistics You Should Know In 2020

Distributed-denial-of-service attacks set to double over the next two years

– Casey Crane

St. Petersburg, Fla. – Nov. 16, 2019

2019 kicked off with distributed denial of service attacks up 84 percent in the first quarter — let’s take a look at other DDoS attack statistics and how experts think 2020 will fare.

Even if you don’t know what DDoS attacks are, you’ve likely experienced their effects. These types of cyberattacks cause massive amounts of damage and costs to businesses worldwide. They knock online gaming networks offline and prevent companies like PayPal and Netflix from providing services to clients. In fact, one particularly effective attack even brought down the entire Internet along the East Coast of the United States a few years ago

There’s a lot to know about DDoS. In this article, we’ll cover what a distributed denial of service attack is, and cover some of the top DDoS attacks, costs, trends, and projections that you should know as we head into 2020.

Understanding What a DDoS Attack Is and How It Impacts You

Before we can explain what DDoS is, you first need to understand what a DoS attack is. A denial of service attack involves a single actor targeting a single target (such as a company or government organization) with the goal of disrupting or delaying its services, server, or network. Attackers want to rain on everyone’s parade by making services and systems unresponsive and unavailable to end users. They do this by exhausting those components’ resources — its bandwidth, disk space, or memory — to prevent the systems from operating as intended.

A DDoS attack is a specific type of DoS attack that involves multiple compromised devices — sometimes even an entire network of them — to accomplish the same goal. This type of attack uses all of the devices to simultaneously connect to the target and flood it with traffic or server requests. This is sometimes done by using a “botnet” of unsecured, connected devices, which can include devices such as smart thermostats, refrigerators, CCTVs, and even baby monitors.

A DDoS attack is much like a massive crowd at a protest. When the group gathers and takes to the street, they may choose to intentionally block major roadways to prevent lawful drivers from proceeding. This causes vehicles to back up on the roads and, effectively, forces traffic to screech to a halt. Lawful drivers are unable to use the public roadways, and city services are unable to operate in the area. And until either the protestors leave or are forced to disperse, their actions can jam up traffic for hours to come. It’s much the same way when a hacker launches a DDoS attack against a service provider.


Types of DDoS Attacks

Like ice cream, DDoS attacks come in multiple flavors: application layer attacks, volumetric attacks, and protocol-based attacks (TCP/IP). Some attacks are multi vector, meaning that they are a combination of some or all of these different types of attacks. They’re like the Neapolitan of DDoS attacks.

DDoS attacks come in a variety of sizes, frequently ranging from as little as a few megabits per second to several hundred gigabits per second (Gbps). Experts typically measure these attacks in terms of volume or packets. The jury’s still out on which type of attack is “worse,” but both mean bad news in different ways for businesses and consumers alike.

The Top DDoS Statistics and Trends You Need to Know

So, what are some of the biggest DDoS attacks and trends we’ve seen so far in 2019? We’ve pulled together a list of DDoS statistics concerning the year’s biggest DDoS attacks, trends, and future industry projections for 2020 and beyond:

1. Global estimates of the total number of DDoS attacks are anticipated to double to 14.5 million by 2022, according to 2017 data from the Cisco Visual Networking Index (VNI). 

2. Also according to Cisco, DDoS attacks, both in size and number, have been on an overall downward trend since the FBI shut down 15 of the largest DDoS-for-hire websites in December 2018.

3. DDoS attacks are a dominant threat to the vast majority of service providers — and their impact is widespread. These attacks can represent up to 25 percent of a country’s total Internet traffic while they are occurring.

4. Research from Kaspersky’s SecureList shows that in Q2 2019, there were more high-profile DDoS attacks than in the previous quarter. China and the U.S. ranked as the top two targets for DDoS attacks in Q2 2019, with 63.8 percent and 17.5 percent of the attacks, respectively. However, Q1 2019 itself was nothing to sneer at — the quarter also saw a significant number of DDoS attacks, which increased by 84 percent.

5. Some of the largest DDoS attacks in history were recorded this year by Imperva. The cybersecurity solutions provider reported on its blog that the largest application layer DDoS attack in history occurred in the spring over a 13-day stretch. The attack, which targeted a streaming service client, and peaked at 292,000 requests per second (RPS).

6. The beginning of the year was truly a busy time for Imperva’s clients. The cybersecurity company also reported that one of their clients was able to thwart the largest packet-based attack on record, which peaked at 580 million packets per second, in April. This followed an attack against another of Imperva’s clients in January, which topped out at 500 million packets per second.

7. One of the trends Neustar discovered in its DDoS attack research is the increasing trend of what their researchers refer to as strategic, “low-intensity incursions” that degrade the performance of servers over time. Using these lowball attacks enables hackers to carry out longer attacks that fall below the level of intensity that would trigger DDoS defenses.

8. According to Neustar, more than 82 percent of all attacks mitigated by Neustar in Q2 2019 used two or more vectors. Their report also indicates that they “observed a significant number of attacks that featured over four vectors.”

9. The number of Internet of Things (IoT) devices that are estimated to exist by 2020 is 20.4 billion, according to a press release from Gartner, Inc. Because IoT devices (connected devices such as smart thermostats, refrigerators, and even baby monitors) are notorious for lacking any real IT security or cybersecurity measures, they’re vulnerable to hacking, eavesdropping attacks, and DDoS attacks.

10. Ever wonder what the average cost of one of these attacks equates to monetarily speaking? Bulletproof’s 2019 Annual Cyber Security Report indicates that a DoS or DDoS attack could cost up to $120,000 for a small company or more than $2 million for an enterprise organization. That equates to a lot of apologies to customers and shareholders.

11. A report from A10 Networks indicates that the company tracked more than 20.3 million DDoS weapons — infected computers, IoT devices, and servers — in Q2 2019 that were available to launch DDoS attacks. In Q1 2019, the company tracked nearly 23 million such weapons.

12. According to Kaspersky’s Q2 2019 report, although DDoS attacks were down overall, the second quarter showed a clear increase in politically-motivated DDoS attacks.

13. DDoS attacks are affecting some industries more than others this year. Research from Akamai indicates that financial service organizations, in particular, are seeing a rise in reflection DDoS attacks. Between Dec. 2, 2018 and May 4, 2019, Akamai observed more than 800 DDoS attacks against the financial industry — a number that represents more than 40 percent of all unique DDoS targets they observed during that time.

14. Another popular set of industries DDoS attacks target are the media/information services and insurance industries. Research from IBM X-Force indicates that more than 80 percent of all observed activity from Mirai botnet variants so far in 2019 targeted these two industries. Mirai (and Mirai botnet variants) also have been the most common malware to target enterprise IoT devices so far this year.

15. With a current value of $2.4 billion in 2019, one research firm estimates the DDoS protection and mitigation market will nearly double to $4.7 billion by 2024. That’s a compound annual growth rate (CAGR) of 14 percent.

Looking for more cybersecurity facts, figures, predictions and statistics? Look no further. The 2019 Cybersecurity Almanac from Cisco and Cybersecurity Ventures is jam-packed with forecasts, survey data, employment trends, and more. The 2020 edition is coming soon, and it will include some DDoS nuggets you’ll want to know about.

Casey Crane Archives

– Casey Crane is a freelance writer.

Connor Morgan, a freshman at Suffolk County Community College, and a part-time researcher at Cybercrime Magazine, contributed to this story.