Of all the attacks that can occur online, DDoS attacks are the most frustrating and challenging to prevent.
They work by barraging servers with more requests than they can handle, causing sudden overload, which leads to a crash that often takes hours to restore.
These attacks are detrimental as they cause massive service disruption, financial loss, and damage to a company’s reputation.
That said, below are some major DDoS statistics and some facts on DDoS attacks that businesses and individuals should be aware of in 2023.
Top 6 DDoS Statistics (Editor’s Pick)
- In 2022, Cloudflare intercepted one of the largest HTTPS DDoS attacks.
- In Q1 2022, Kaspersky detected and stopped 91,052 DDoS attacks.
- In Q2 2022, CHARGEN was the top-emerging network-layer DDoS attack vector.
- In 2022, over 500,000 cell phones were the source of DDoS attacks.
- DDoS attacks in Q1 2022 hit 44.34% of US resources.
- 40% of gambling sites in 2022 experienced a DDoS attack within 12 months.
Global DDoS Statistics
1. The global DDoS protection and alleviation industry is predicted to grow to $4.1 billion in 2023.
This growth represents a difference of $2.16 billion from the lows of $1.94 billion in 2018.
2. In 2022, Cloudflare Security was the most significant DDoS & Bot protection software worldwide.
It owned 86.33% of the global market, followed by FS Silverline at 10.34% and Imperva Incapsula at 2.5%. All other software had a market share of 0.83%.
3. There was a 60% increase in malicious DDoS events in H1 2022 than in all of 2021.
The number of malicious events per victim rose by 203%. An average of 12,057 DDoS events were blocked monthly, bringing the figures to 1.5X times higher than in 2020 and 2021.
4. In 2022, Cloudflare Intercepted one of the largest HTTPS DDoS attacks.
This attack had 15 million requests per second, came from 6,000 unique bots, and lasted 15 seconds.
DDoS Attack & Threats Statistics
5. In 2022, DDoS attacks were among the most significant cybersecurity threats globally.
According to Chief Information Security Officers (CISOs), DDoS attacks comprised 30% of all cybersecurity threats and were most likely to occur within the year.
|Major Cybersecurity Threats||Share of CISOs|
|Insider threats (negligence, accidental, criminal)||31%|
|E-mail fraud/Business email compromise||30%|
|Cloud account compromise||30%|
|Supply chain attacks||27%|
6. In Q1 2022, Kaspersky detected and stopped 91,052 DDoS attacks.
There was an average of 1,406 attacks per day, with the highest being 2,250 attacks in one day.
7. In Q1 2022, the average length of DDoS attacks was 2 hours.
94.95% of DDoS attacks were 4 hours or less, 3.27% lasted 5 to 9 hours, and 0.03% lasted over 140 hours.
|Hours (Attack Time)||Distribution|
|Over 140 hours||0.03%|
|4 hours or less||94.95%|
8. The average price of a DDoS attack on the dark web was $850.
As of June 2022, anyone could purchase a monthly DDoS attack on a website at the quoted price. Comparably, the price of a premium malware attack was $5,500.
9. UDP attacks on Microsoft Azure in H2 2021 comprised over 50% of DDoS attacks.
Most User Datagram Protocol (UDP) attacks lasted 30 minutes or less in H1 2021 but grew to 1 to 2 hours in H2 2021.
Ransom DDoS Attack Statistics
10. Ransom DDoS attacks in Q2 2022 increased by 11% from Q4 2021.
Attacks peaked in June at 20%, with 1 out of every 5 individuals experiencing a ransom DDoS attack.
|Quarter||Percentage of Customers|
11. In Q4 2022, 16% of DDoS attack victims received a threat or ransom demand note.
This represents a 14% increase in QoQ and a drop of 6% to 16% from highs of 22% in Q4 2021.
Application-Layer DDoS Attack Statistics
12. 55% of websites attacked by Layer 7 DDoS attacks in Q2 2022 were attacked again within 24 hours.
This represents a 5% rise from figures seen in Q1 2022. Meanwhile, 44.47% of websites were attacked only once.
|Frequency of DDoS Attacks||Share of Customers Affected|
|3 to 5 times||14%|
|6 to 10 times||9%|
13. 58.4% of all application-layer DDoS attacks in Q2 2022 lasted over 15 minutes.
41.6% lasted under 15 minutes, 24.9% up to an hour, and 33.5% lasted over an hour.
14. The Finance Industry was the target of most application-layer DDoS attacks in Q2 2022.
32.8% of all application-layer attacks targeted the finance industry.
The law and government industry came second at 24.8%, and computing and IT third at 13.9%.
|Target Industry||Share of Application-Layer DDoS Attacks|
|Law and Government||24.8%|
|Computing and IT||13.9%|
|Telecom & ISPs||3.8%|
15. The United States was the most application-layer DDoS-attacked country.
As of Q2 2022, 59.3% of all attacks targeted the United States.
Russia came second with 9.4% of all attacks, and the UK third with 6.1%.
|Country||Share of Application-Layer DDoS Attacks|
16. In Q2 2022, there was a 72% increase in application-layer DDoS attacks.
Organizations in Cyprus experienced a 166% rise in attacks. The most targeted industry was the aviation and aerospace industry, which experienced a rise of 493% in attacks.
17. Application-layer DDoS attacks from China and the US decreased by 78% and 43%, respectively.
Meanwhile, attacks from India, Germany, and Brazil in Q2 2022 grew by 87%, 33%, and 67%, respectively.
18. In Q2 2022, application-layer DDoS attacks in the United States increased by 67% quarter on quarter.
Meanwhile, attacks on Chinese companies dropped by 80%.
Network-Layer DDoS Attack Statistics
19. In Q2 2022, CHARGEN was the top-emerging network-layer DDoS attack vector.
There was a 377.7% QoQ change in the Character Generator Protocol (CHARGEN) attack vector.
|Top-Emerging Network-Layer DDoS Threats||QoQ Changes|
20. In Q2 2022. there was a 66% increase in network-layer attacks on telecommunications companies.
13.6% of attacks were directed at telecommunication companies.
Coming second and third were the gaming and IT industries at 3.6% and 1.9%, respectively.
|Industry||Percentage of Attack Traffic|
|Gambling & Casinos||0.3%|
21. Network-layer DDoS attacks in Q2 2022 grew by 109% year on year.
Attacks lasting 3+ hours increased by 12% from Q1 to Q2, while attacks of 100+ Gbps increased by 8% from Q1 to Q2.
22. 43.6% of DDoS attacks in Q2 2022 were network-layer.
Of these, 21.04% lasted over an hour, while 57.69% lasted less than 7 minutes.
|Less than 7 minutes||57.69%|
|Less than 30 minutes||15.98%|
|Up to 60 minutes||5.29%|
|More than 1 hour||21.04%|
23. In Q2 2022, 80% of customers attacked through network-layer DDoS attacks were attacked again.
Of these, 91.18% of customers were attacked again within 24 hours.
48.53% experienced the second attack within 12 hours.
|12 hours - 4 hours||48.53%|
|24 hours - 12 hours||42.65%|
|4 hours & below||8.82%|
24. In Q2 2022, the United States was the most targeted country by network-layer DDoS attacks.
70.1% of attacks targeted the US, with Taiwan and Poland coming second and third, at 7.8% and 4.3%, respectively.
|Country||Share of Network-Layer DDoS Attacks|
|The United States||70.1%|
25. In Q2 2022, 31.6% of network-layer DDoS attacks targeted the banking and finance industry.
Coming in a close second and third was the communications industry at 28.2% and the entertainment sector at 19.4%.
26. 53.6% of network-layer DDoS attacks in Q2 2022 were SYN Floods.
SYN, DNS, and RST were the most popular top three network-layer attack vectors.
|Top Attack Vectors||Percentage|
27. Network-layer DDoS attacks lasting over 3 hours in Q2 2022 grew by 9%.
52.4% of all attacks lasted under 10 minutes, while 39.7% lasted between 10 to 20 minutes.
|Under 10 minutes||52.4%|
|10 - 20 mins||39.7%|
|20 - 40 mins||5.3%|
|40 - 60 mins||1.1%|
|1 - 3 hours||1.0%|
|Over 3 hours||0.5%|
DDoS Attacks on Devices Statistics
28. In 2022, over 500,000 cell phones were the source of DDoS attacks.
60% of attacks came from affected Android devices, while 40% came from iOS devices.
29. In 2021, routers were the most vulnerable IoT devices to DDoS attacks.
Regarding susceptibility to DDoS attacks, routers were at 46%, while cameras and smart home devices were at 3% each.
|IoT Device||Share of Vulnerability to DDoS Attacks|
|Extenders and mesh||17%|
|Smart home devices||3%|
DDoS Attacks Regional Facts
30. In 2021, the United States received 35% of all DDoS attacks globally.
The UK and China came second and third, below 20% each. These attacks targeted the US internet and computer industries.
31. In 2021, over 30% of DDoS attacks in Russia were directed at the retail sector.
Most DDoS attacks in the region were directed at the finance industry by hacktivist groups to disrupt operations and large websites.
32. DDoS attacks in Q1 2022 hit 44.34% of US resources.
Meanwhile, 11.60% of resources in China and 5.06% in Germany were hit by DDoS attacks.
|Country||Percentage of Resources Affected|
|The United States||44.34%|
33. In 2021, DDoS cyber attacks in Italy rose to 20,500.
These DDoS cyber attacks grew by around 13,000 from a low of 7,000 in 2017.
34. 59% of Japanese computer users in 2022 were unaware of the meaning of DDoS.
Meanwhile, 67.5% of Japanese smartphone users did not know or understand the meaning of Distributed Denial of Services (DDoS).
35. In 2021, organizations in the wired telecommunications industry were the main target of DDoS attacks.
In the US, 174,000 DDoS attacks were directed toward organizations within this industry. Others were directed toward businesses in the data processing and hosting service industry.
36. In Q2 2022, there was a 660% rise in DDoS attacks in Ukraine.
80% of these attacks focused on broadcast, online media, internet, and publishing companies.
37. The Banking, Financial Services, and Insurance companies were the most targeted in Russia.
In Q2 2022, 45% of Russia’s DDoS attacks targeted the BFSI sector.
The cryptocurrency sector came second, and online media was third.
The Cost of DDoS Attacks Statistics
38. In Q3 2021, ransom DDoS attacks caused a $700,000 reduction in revenue for Bandwidth.com.
The site reported that the actual loss would amount to $12 million.
39. In March 2022, Among Us remained inoperable for European and North American players after a DDoS attack.
In January, APEX legends pro-gamers complained that “Ranked” was unplayable, while team Andorra was eliminated in the high-stakes Squidcraft Games tournament thanks to DDoS attacks.
DDoS Trends and Statistics
40. In Q2 2022, DDoS attackers used HTTP pipelining and multiplexing to maintain high-rate attacks for hours.
A new DDoS attack record was set for 25.3 billion requests at 3.9M Rps in under 5 hours. An earlier attack had occurred at the high-frequency rate of 10M Rps, using only 121 IPs.
41. The number of DDoS attacks larger than 500 Gbps grew by 287%.
In Q1 2022, the number of attacks up to 1 Tbps was 0.71%. By Q2, this figure had risen to 2.30%, with further attacks of 0.34% above 1 Tbps.
|The Volume of DDoS Attacks||Q1 2022||Q2 2022|
|Up to 10 Gbps||60.80%||55.02%|
|Up to 100 Gbps||34.02%||35.03%|
|Up to 500 Gbps||4.46%||7.31%|
|Up to 1 Tbps||0.71%||2.30%|
|More than 1 Tbps||-||0.34%|
42. 40% of gambling sites in 2022 experienced a DDoS attack within 12 months.
Of these, 80% were attacked more than once. Meanwhile, 25% were attacked in the last month of Q2 and 25% in the last week of Q2.
Protect Yourself From DDoS Attacks
Based on current data, there is a rise in both the frequency and volume of attacks, including the attack durations. Ransom DDoS attacks are also rising, with the BFSI sector being the top targeted industry globally. Additionally, it has become cheaper for attackers and attackers-for-hire to launch DDoS attacks.
Undoubtedly, this trend of large-scale DDoS attacks will not slow down.
Now more than ever, it’s crucial that you have a solid security plan to protect and secure all your digital assets.
While humans initiate DDoS attacks, bots execute them. You must automate detection and mitigation efforts as much as possible to win, which means relying on services such as Cloudflare.
Check our phishing statistics roundup for a holistic view of cyber threats.