DDoS attacks saw a huge rise in 2022

An image of security icons for a network encircling a digital blue earth.
(Image credit: Shutterstock)

The number of dangerous Distributed Denial of Service (DDoS) attacks saw a significant rise in 2022, a new report is saying.

Analysis from Qrator Labs said that the number of attacks, as well as their duration, all spiked in 2022 compared to previous years - with the minimum figures for the last ten months “significantly higher” than peak values seen in the past. 

The duration of DDoS attacks increased ten times in just a year, showing increasingly capabilities from the attackers in terms of their hardware.

Targeting banks and the media

Breaking the numbers down, Qrator says the total number of attacks rose 73% year-on-year, with threat actors focusing mostly on the media (18.5%), but also on banks (10%), and payment systems (13%).

“Banks and payment systems are the most profitable sectors for attackers, and the media is always on the cutting edge when there are any social and political conflicts in society,” explained Alexander Lyamin, founder of Qrator Labs.

The first quarter of the year is when the majority of the attacks - 43.2% - took place. The second quarter registered 23.3%, while the third one, 20.5%. The fourth quarter took up 13.11% of all DDoS attacks for the year.

When it comes to the duration of the attacks, they increased tenfold in just 12 months. While in the first quarter of 2021, the maximum duration of an attack was 10 hours, a year later it rose to more than 10 days. What’s more, the complexity of these attacks also rose.

One of the reasons for this significant increase in the duration is the fact that threat actors no longer need to optimize botnet usage time intensively. The researchers found that hackers have plenty of resources (meaning, enough powerful bots in the botnet) to keep the attack going for weeks. 

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.