DDoS attacks are getting bigger and costlier - here’s why

Concept art showing DDoS attacks overloading servers and networks
(Image credit: Getty Images)

Distributed Denial of Service (DDoS) attacks are getting longer and thus more expensive, according to a new report.

Research by communications infrastructure provider Zayo Group found the average length of attacks surged by more than 400% from Q1 to Q4 last year — from 24 minutes to 121 minutes.

The average DDoS attack lasted 68 minutes in 2023; and, with impacted organizations paying out an average of $5,896 (£4,700) per minute of each attack, that means an average cost of $407,727 (£325,000).

Meanwhile, the number of attacks rocketed during the first half of 2023 - up 200% compared with 2022 as a whole. However, things eased off during the second half of the year, with just a 16% increase in attack activity.

Despite this, Zayo warned that volumetric attacks are being replaced by multi-vector attacks, which target individual IP addresses, email systems, databases or web browsers – and which are much harder to detect.

"What we’re seeing is that cybercrime is only getting savvier," said Anna Claiborne, senior VP of network connectivity at Zayo.

"AI is presenting itself as a double-edged sword in this space. On one side of the blade, criminals are using AI to increase the sophistication of attacks and circumvent traditional defense mechanisms; on the other, mitigation platforms are using AI to dynamically identify and defend against new and emerging threats."

DDoS attacks affect a wide range of industries

In terms of different industries, telecommunications companies experienced the most frequent attacks, accounting for around 40% of total attack volume and nearly 13,000 attacks in the second half of 2023.

The biggest attacks during the period affected retail and healthcare companies, with an average attack size of 2.5 Gbps across companies in both industries.

Government bodies fell victim to the longest attacks, however. Zayo found the average attack duration increased from four hours in the first half of the year to 18 hours in the second - a rise of 322%.

This also represented an increase of 1,141% from the first quarter of the year to the last in 2023.

Meanwhile, educational institutions accounted for 17% of all attacks last year. This, Zayo said, is partly due to the ease and affordability of botnet-for-hire services, combined with the poor cyber security of the institutions.

"Most people on the internet aren’t plotting a DDoS attack, but the internet is a big place and dark web crime is the fastest growing business on earth," said Eric O’Neill, national security strategist at Carbon Black.

"We’re in an attacker’s market, and they are leveraging sophisticated technologies and cutting-edge techniques to innovate the way they deceive, disrupt and destroy our most critical data."

Last September, a report from Europol found that Russia's invasion of Ukraine had led to a significant boost in DDoS attacks against EU targets. Pro-Russian hacktivist group Killnet, it said, had ramped up its activities, claiming responsibility for attacks against the European Parliament and EU infrastructure.

"Criminals also use DDoS as a service platforms to launch low-volume attacks against company websites and demand ransom payments threatening to cripple the service otherwise," Europol said at the time.

Emma Woollacott

Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.