News that a particular site has been subjected to a DDoS attack appears on the network quite regularly. As a result of such attacks, users are deprived of the ability to access the attacked resource, and the business suffers losses.
A DDoS attack (an abbreviation for the English expression distributed denial of service, which translates as “distributed denial of service”) is an attack on a server, network or web application that is carried out by overloading them with traffic in order to disrupt their operation. There are many varieties of DDoS attacks, from simple to complex, that can cause significant economic loss and damage to a company's reputation. In recent years, such attacks have become more frequent, sophisticated and effective, and even small companies and individuals can become targets of attacks. In this article, we will look at the main types of DDoS attacks, as well as provide statistics that demonstrate how serious they are for business.

Global attack trends: the inexorable rise of DDoS

- Number of attacks

The number of DDoS attacks continues to grow, and according to Cisco, this growth will continue in the coming years. By 2023, more than twice as many attacks are expected as in 2018 - the number of DDoS attacks will reach 15.4 million.

- frequency of attacks

In the fourth quarter of 2022, organizations prevented an average of 29.3 attacks per day, up 3.5 times from the 8.4 attacks per day at the end of 2021, according to Security Today, a magazine covering security news and trends. It was also reported that the number of attacks in Europe, the Middle East and Africa grew faster than the global average. Organizations in the region experienced an average of 45 attacks per day, up four times from 11.3 attacks per day during the same period in 2021.

— Volume of attacks

The global attack volume recorded in 2022 was 4.44 petabytes, which is 32% more than in 2021. The most significant growth was observed in the Americas. Last year, the volume of attacks in this region outpaced the global volume, increasing by 110% compared to 2021. Even though the EMEA region outperformed the Americas in terms of attack frequency (see above), the overall volume of attacks there decreased in 2022, down 44% from the previous year.

— Power of DDoS attacks

The power of DDoS attacks is measured in terms of the amount of traffic that is sent to the target web resource within a certain time. Typically, this traffic is generated by botnets, which consist of many computers and other devices infected with malware.

Volumetric DDoS attack power is measured in bits per unit of time. For example, an attack can have a power of 100 Gbps, which means that 100 gigabits of traffic per second is sent to the target web resource.

The largest recorded attack in 2022 was 1.46 Tbps, which is 2.8 times the largest attack recorded in 2021.

— Duration of DDoS attacks

Attacks can last from several minutes to several days, which can lead to serious problems for the target web resource. The longest attacks in 2022 ranged from 100 Gbps to 250 Gbps, where the attacks lasted 66 hours or 2.75 days on average.

Types of DDoS attacks

DDoS attacks come in many different types, but they all share the same goal of overloading the server and leading to a denial of service. Some of the most common types of DDoS attacks include:

• Attacks at the network level (for example, attacks on the ICMP, UDP, TCP protocols):

Aimed to stop the server by overloading network connections.

• Application level attacks (eg attacks against HTTP, HTTPS, DNS):

They are aimed at depleting server resources associated with processing client requests.

• Attacks at the infrastructure level (for example, attacks on DNS servers or routers):

Designed to overload the DNS server by using a large number of false queries to the DNS server in order to get more response data

• Mixed Attacks: Mixed attacks combine several types of DDoS attacks aimed at different levels of the server in order to increase the effect.

These are just some of the more common types of DDoS attacks, and new attack methods and techniques may emerge over time.

Attacks on web applications and APIs

Attacks on web applications and APIs have grown exponentially in 2022. They grew by 128% in a year, which is well ahead of the 88% growth in attacks between 2020 and 2021.

Predictable resource location attacks accounted for almost half of the activity. Code injection (14%) and SQL injection (11%) attacks together accounted for a quarter of attacks on web applications.

The most attacked industries were retail and wholesale (25%), followed by high tech (20%) and telecommunications (15%), which together accounted for 60% of blocked web application attacks.

Most attacked industries

In 2022, the financial industry was the most attacked — 53% of the total number of attacks. It is followed by technology (20%) and healthcare (11%).

In America, the financial industry accounted for 32% of attacks, followed by healthcare (24%) and technology (17%).

In Europe, the Middle East and Africa, the financial industry (71%) also topped the list of most attacked, followed by technology (16%) and government (4%).

In Asia Pacific, technology was the most attacked industry, accounting for 70% of attacks, followed by finance (9%) and government (8%).

Attackers master the latest technology

DDoS attacks are not a new phenomenon. However, as can be seen from the figures, in recent years they have become more frequent, sophisticated and effective. According to experts at Lumen Technologies, an American telecommunications company, in 2023 attackers will find new resources to strengthen attacks, such as cloud virtual services, IoT devices and 5G networks. Experts also predict that DDoS attacks will become more targeted, complex and persistent, requiring better defense strategies and solutions.

How to fight? Solutions from DDoS attacks

To protect against DDoS attacks, companies need to implement effective strategies that allow them to quickly detect and respond to DDoS attacks and minimize the consequences. Some of these strategies include deploying DDoS protection solutions such as firewalls, load balancers, or cloud services that can filter out malicious traffic and keep services available. In addition, companies need to monitor network traffic and performance, identify potential vulnerabilities and attack sources, and collaborate with ISPs and other organizations to share information and experience.

CIOs can implement the following best practices:

1. Studying the level of vulnerability of your network. CIOs should regularly test their network for vulnerabilities to identify potential issues and improve the security of their organizations.

2. Use of multiple levels of protection. Using multiple layers of protection can help improve DDoS protection. For example, using a combination of cloud solutions and dedicated hardware can help provide better security.

3. Regular software update. Regular software updates can help improve DDoS protection, as many attacks are based on vulnerabilities in software.

4. Planning business processes in case of DDoS attacks. CIOs must develop DDoS attack plans to minimize potential loss and damage to the business.

5. Employee training. Training employees, especially those who work with websites and online services, can help improve protection against DDoS attacks, as many attacks start with phishing emails or other social engineering attacks.

DDoS attacks are a serious and growing threat in 2023 that requires constant vigilance and preventive action from companies of all sizes and industries. By understanding the nature and consequences of DDoS attacks and implementing effective DDoS mitigation strategies, companies can reduce the risk of being the victim of a DDoS attack and secure their online experience.

Link to source: https://ictnews.uz/28/03/2023/ddos/