SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image
Global surge in DDoS attacks causes dire financial consequences
Tue, 20th Feb 2024

There was a 16% surge in global Distributed Denial of Service (DDoS) attacks throughout 2023, according to a new report issued by Zayo Group, a significant player in global communications infrastructure. Astonishingly, the duration of such attacks in 2023 ballooned by 400%, increasing from an average of 24 minutes in Quarter 1 to over two hours in Quarter 4.

Collectively, these attacks resulted in monumental financial repercussions for businesses worldwide. According to Zayo's findings, unprotected organisations incurred an average financial loss of £4,700 per minute during a DDoS attack, equating to an average total cost of £325,000 per DDoS attack for uninsured corporations.

An alarming trend highlighted in the report revealed that the average duration of DDoS attacks experienced a 400% surge, increasing from 24 minutes to 121 minutes from Q1 to Q4 of 2023. This rise in the length of attacks is a worrying trend which compounds both security and financial concerns for organisations.

Commenting on the findings, Anna Claiborne, Senior VP of Network Connectivity at Zayo, said: "What we're seeing is that cybercrime is only getting savvier. AI is presenting itself as a double-edged sword in this space. On one side of the blade, criminals are using AI to increase the sophistication of attacks and circumvent traditional defence mechanisms; on the other, mitigation platforms are using AI to dynamically identify and defend against new and emerging threats. As DDoS remains a profitable model for cybercriminals, attacks will continue to be a brutal inevitability for businesses."

The report identified the industries most affected by DDoS attacks in 2023. Telecommunications companies were under significant threat, accounting for about 40% of the total attack volume with nearly 13,000 attacks in H2 of 2023. Additionally, retail and healthcare sectors experienced the largest attacks during the same period.

Furthermore, the education sector, often targeted due to gaps in cybersecurity, accounted for 17% of all attacks over the last year. Lastly, government entities witnessed an overwhelming surge in the duration of attacks, with the average attack length increasing from 4 hours in H1 to 18 hours in H2 of 2023, a growth of 322%.

"We're in an attacker's market, and they are leveraging sophisticated technologies and cutting-edge techniques to innovate the way they deceive, disrupt and destroy our most critical data. To stop the attackers from gaining the upper hand, we need DDoS protection that is as easy and effective as turning on a switch", added Eric O'Neill, National Security Strategist at Carbon Black.

As the complexity of DDoS attacks continues to evolve, and the associated costs rise, businesses are being reminded of the inherent need to invest in forward-thinking and advanced DDoS protection measures to safegaurd their operations from increasingly sophisticated cyber threats.