Craig Lusher from our Secure team provides a comprehensive analysis of the latest DDoS statistics from the third quarter of the year and their implications for cybersecurity trends.
Overview of 3Q 2024
The third quarter of 2024 has continued to show relatively low DDoS attack activity, with 37 attacks recorded. This represents a slight increase from 2Q’s 32 attacks but remains significantly lower than the 359 attacks recorded in 3Q 2023. The most active month was July, which aligns with historical patterns of increased summer activity.
Attack intensity and scale
3Q 2024 showed some interesting patterns in attack intensity:
- Highest attack size: 16.8 Gbps
- Average attack size: 0.8 Gbps
- Peak MPPS (Megapackets per second): 0.32
This quarter’s largest attack (16.8 Gbps) represents a significant decrease from 2Q 2024’s peak of 85.5 Gbps. For perspective, this is dramatically lower than the massive attacks seen in 2023, which peaked at 560.6 Gbps in Q2 2023, and over 1Tbps prior to that.
Customer impact analysis
Key statistics for 3Q 2024:
- Highest number of attacks on a single customer: 19 (up from 7 in 2Q)
- Total attack duration: 25.0 hours
- Longest single attack: 3.48 hours
Quarterly comparison and trends
Comparing 3Q 2024 with recent quarters reveals several interesting trends:
-
Attack volume stabilization
- 1Q 2024: 58 attacks
- 2Q 2024: 32 attacks
- 3Q 2024: 37 attacks
This shows a relative stabilisation at lower attack volumes compared to 2023’s numbers.
-
Attack intensity evolution
- 1Q 2024: 3.0 Gbps peak
- 2Q 2024: 85.5 Gbps peak
- 3Q 2024: 16.8 Gbps peak
While more intense than 1Q, 3Q’s attacks remained relatively moderate compared to historical peaks.
-
Customer impact patterns
The consistent number of affected customers over 2Q and 3Q 2024 suggests a stable threat landscape, though individual customers faced more repeated attacks in 3Q.
Year-over-year analysis
Comparing 3Q 2024 to 3Q 2023 shows a dramatic shift in the threat landscape:
- Total attacks decreased by 90% (359 → 37)
- Largest attack size decreased by 89% (149.7 Gbps → 16.8 Gbps)
Implications and insights
-
Attack evolution
The lower volume but moderate intensity of attacks suggests a shift in attacker strategies, possibly focusing on more targeted, strategic attacks rather than broad campaigns.
-
Attack duration
The average attack duration of 2 hours shows a trend toward longer, more sustained attacks compared to previous quarters, potentially indicating more sophisticated attack strategies.
Looking ahead
While attack volumes remain relatively low compared to 2023 and previous, the increase in attacks per individual customer and attack duration suggests continued evolution in threat actors’ strategies. Organisations should maintain robust DDoS protection despite the lower overall attack volumes, as the pattern of attacks suggests more targeted and potentially more sophisticated approaches.
The historical pattern of increased activity during major sporting events and holiday periods suggests potential for increased activity in the upcoming quarters, particularly with various significant events on the horizon.
This analysis demonstrates the importance of maintaining comprehensive DDoS protection and the value of Continent 8’s multi-layered security approach, even during periods of relatively low attack volume.
Continent 8’s DDoS mitigation solution
Our best-in-class DDoS solution continues to evolve and in recent months we have amplified our scrubbing capacity to 5+ Tbps, as well as increased our scrubbing centres geographically deployed across multiple continents. Locations include Los Angeles, Chicago, New York, Miami, London, Amsterdam, Frankfurt, Singapore, Hong Kong and Sao Paulo.
Key features of our mitigation solution:
DDoS protection should also form part of a wider, multi-layered approach to cybersecurity. A 360-degree, end-to-end protection strategy should include DDoS mitigation solution as well as WAF/WAAP protection, MDR/EDR services, SIEM and SOC resources, VAPT assessments, backup solutions, and mobile device and phishing defence services.
This is the only way to have multiple protections in place for each attack type and to ensure the greatest level of resilience.
To learn more about how Continent 8 can help protect your organisation, contact a member of the team via sales@continent8.com or our Contact Us form.
