Lumen research reveals latest DDoS stats, trends, predictions and costs

Nearly 90% of Q4 DDoS attacks were potentially 'hit and run" style, probing attacks.

  • 1 year ago Posted in

Lumen Technologies has released its latest report detailing Distributed Denial of Service (DDoS) activity from Q4- and full-year 2022. The report includes 2023 predictions, a DDoS cost breakdown, and Q4 and full-year data from the Lumen DDoS mitigation service. 

 

Additional analysis provided by the Lumen Black Lotus Labs® threat intelligence team, their intelligence feeds Lumen's Rapid Threat Defense – a proprietary countermeasure that automatically blocks attacks before they reach the customer's network. 

 

"Companies' digital interactions with partners and customers are accelerating, and that's led to both an increase in attacks, and subsequent investments in DDoS- and application layer-protections," said Andrew Dugan, chief technology officer for Lumen. "In addition to mitigating the largest DDoS attack to-date in 2022, we observed hit-and-run style attacks along with complex campaigns targeting governments, civilian infrastructure and high-profile industries. We expect these trends to continue in 2023, underscoring the need for comprehensive web application and API security solutions." 

 

2023 DDoS predictions 

 

Researchers reviewed data from the Lumen DDoS mitigation service to develop the following predictions for 2023: 

 

Attackers will find new resources to leverage. Cybercriminals and defenders are constantly maneuvering to stay one step ahead. In 2022, attackers began leveraging cloud-based, virtual services in ways never seen before. We anticipate they will look for similar new attack methods in 2023. 

 

Expansion of the victim pool. Large organizations continue to fortify their defenses, so we believe attackers might begin targeting small- and mid-size businesses. These organizations typically have fewer cyber defenses, but they still have critical data and applications that could attract criminals. 

 

Timing is intentional. While DDoS attacks have become ubiquitous with certain days like Cyber Monday, data from the Lumen DDoS mitigation service reveal the most popular week for DDoS attacks in 2021 and 2022 were the days surrounding the July 4 holiday in the United States. Lumen predicts attackers will coordinate attacks to coincide with holidays and culturally significant events throughout 2023. 

 

The cost of a DDoS attack 

 

The Q4 DDoS report also includes a breakdown of the potential cost of a DDoS attack. The estimate is based on data entered into Lumen's online DDoS Impact Calculator. Several factors influence the cost, so researchers developed a generic use-case based on the following assumptions: 

 

The simulated victim is a Software and Technology company with $2 billion in annual revenue. 

Online motions account for $500 million of total revenue. 

 

The company has a small IT team with two employees dedicated to fixing security issues. 

On average, security-related incidents generate 25 customer support calls per hour. 

 

Results: This organization is expected to be targeted with 13 DDoS attacks per year resulting in 19 hours of downtime per attack at a cost of nearly $21 million. 

 

Notable DDoS statistics from the Q4 DDoS report 

 

Q4 2022 

 

Nearly 90% of all DDoS attacks in Q4 were potentially "hit and run" style. These attacks last 30 minutes or less, and threat actors frequently use them to probe a target's defenses before launching a larger, sustained attack. 

 

Domain Name System (DNS) is an essential service, and the number of DNS amplification attacks increased 73% quarter over quarter. 

 

Full-year 

 

Lumen mitigated 22% more DDoS attacks in 2022 than in 2021. 

The largest attack Lumen mitigated in 2022 was 1.06Tbps. It occurred in Q2 2022 and was also the largest DDoS attack Lumen has mitigated to-date. 

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...