Gcore’s DDoS Radar report for Q3-Q4 2024 reveals a significant 56% year-over-year surge in DDoS attacks, with the largest reaching an unprecedented 2 terabits per second.
The financial sector experienced the most significant rise, with attacks increasing by 117%, though the gaming industry remained the most frequently targeted. Let us take a closer look at the findings below:
DDoS Attacks Reach Record Frequency
Q3–Q4 2024 saw a continuous rise in DDoS attack frequency, climbing by 56% in comparison to the latter half of 2023. This trend suggests a long-term escalation in attack volume.
Number of DDoS attacks from 2023 to 2024 (Source: Gcore)
The increase can be attributed to a variety of factors, such as:
- Widespread Availability of DDoS Tools: The proliferation of DDoS-for-hire services and botnets has made it easier than ever to initiate attacks.
- Vulnerabilities in IoT Devices: Insecure IoT devices are being exploited to build larger botnets.
- Geopolitical and Economic Motivations: Political unrest and financial gain are driving more targeted and complex attacks.
- Advanced Attack Techniques: Attackers are using multi-vector and application-layer strategies, complicating the mitigation process.
Unprecedented Attack Peaks at 2 Tbps
During Q3–Q4 2024, the largest DDoS attack recorded peaked at 2 Tbps, targeting a leading global gaming company—an 18% increase from the previous high of 1.7 Tbps earlier in the year.
DDoS attack sizes by year (Source: Gcore)
Despite rapid mitigation responses, the scale of these attacks poses significant risks of service disruption and substantial financial damage, especially for industries that rely on real-time online services.
Attack Surge in Financial Services, Gaming Still Leads
Gaming continues to be the most frequently attacked industry, but its proportion of total attacks has decreased from 49% to 34%. Here are some possible reasons for this:
- Enhanced DDoS Protections: As defenses improve, attackers are being pushed to look for new targets.
- Persistent Incentives for Attacks: The competitive nature of gaming and the high stakes of online service availability continue to draw attackers.
- Economic Impact of Downtime: The financial losses caused by service interruptions remain a lucrative motive for attackers.
On the other hand, attacks on the financial services sector have nearly doubled, rising from 12% to 26% of total incidents.
This sector’s critical online operations, strict regulatory environment, and vulnerability to ransom demands make it a popular target for cybercriminals.
ACK Floods and Shorter Bursts on the Rise
The landscape of DDoS threats is also changing in terms of tactics. At the network layer, UDP flood attacks are still predominant and account for 60% of these attacks.
However, ACK flood attacks, which mimic legitimate traffic patterns, are becoming more common and now comprise 7% of attacks.
At the application layer, L7 UDP floods make up 45%, while L7 TCP floods, which are harder to filter out, have increased to 37%.
Shift to Shorter, More Disruptive Attacks
There is a notable shift toward shorter yet more disruptive DDoS attacks. The longest attack recorded during this period lasted only five hours, a significant reduction from 16 hours previously.
These brief, intense bursts are designed to:
- Quickly Disrupt Services: They aim to cause immediate disruption while evading prolonged detection.
- Mimic Regular Traffic: Their patterns resemble normal traffic, complicating defensive efforts.
- Facilitate Additional Cyberattacks: Often, these quick strikes serve as diversions for other malicious activities, such as ransomware deployment.
Geopolitical Tensions Influence Attack Dynamics
The geopolitical climate plays a major role in the DDoS arena, with politically motivated attacks focusing on essential infrastructure, major corporations, and financial institutions.
Source of network-layer DDoS attacks by country (Source: Gcore)
Countries with the highest internet penetration rates are both targets and sources of DDoS campaigns. The major sources of DDoS traffic by region are:
- The US and the Netherlands: Major sources for both network and application layer attacks.
- Brazil: An emerging hotspot for network-layer attacks.
- China and Indonesia: Significant contributors to the global volume of attacks.
The full Gcore Radar report is available for download for a deeper dive into the data.