The prevalence of Distributed Denial of Service (DDoS) attacks has surged dramatically, according to the latest report from Selectel, the largest independent IT service provider in Russia. The second half of 2024 has seen unprecedented growth, with over 80,700 attacks recorded—a staggering 2.6-fold increase compared to the first half of the year.
This sharp rise highlights the increasing intensity and sophistication of cyber threats facing organizations today. From July to December 2024, Selectel reported 80,735 DDoS incidents, averaging approximately 13,455 attacks each month. Particularly notable was the month of October, which recorded the highest number of incidents. The peak attack volume reached 412 Gbps, demonstrating the capacity of malicious actors to overwhelm IT infrastructures.
Selectel’s data collection, facilitated through its DDoS protection service, not only tracks the quantity of attacks but also their type and impact. The report indicates the most common attack vectors, including TCP PSH/ACK Flood, TCP SYN Flood, and UDP Flood, which together constituted 70% of all recorded incidents. These attacks primarily aim to saturate bandwidth or exhaust server resources, resulting in significant disruptions for victims.
While the overall number of attacks has skyrocketed, the average duration of each attack has remained consistent, around seven minutes. This trend is somewhat misleading, as individual clients experienced prolonged attacks—one recorded attack lasted for 202 hours, highlighting the relentless nature of modern cyber warfare. The cumulative duration of attacks on Selectel’s clients over the year amounted to 13,613 hours, reflecting not only the frequency of attacks but also their severity.
The month of November saw the most powerful attacks, which were intense but short-lived, corroborated by Selectel’s report. "The number of attacks increased significantly: from July to December 2024, we recorded 80,735 incidents, 2.6 times more than the first half of the year," said representatives from Selectel to CNews. This insight reveals how attackers are increasingly active, exploiting vulnerabilities and launching multiple attack fronts against their targets.
The maximum frequency of assaults per client occurred too, skyrocketing to 4,621 incidents for one individual client, which is 3.6 times more than the highest figures witnessed earlier this year. This alarming trend indicates not only the increasing aggressiveness of attacks but also the need for proactive defenses to mitigate such threats.
Notably, the report pointed out discrepancies in attack techniques; companies must remain vigilant. UDP Flood attacks are predominantly characterized by sending large volumes of User Datagram Protocol packets, which can easily overwhelm any targeted service when misconfigured. Similarly, TCP SYN Flood and TCP PSH/ACK Flood attacks work by exploiting the connection setup process to congest and immobilize web servers.
Following these patterns, businesses must adapt by adopting advanced security measures. Cybersecurity experts insist proactive response tactics are key to safeguarding against these increasingly frequent attacks, which are effectively causing widespread disruptions across various sectors.
Despite the advancements and quickening pace of attacks, the average duration of individual incidents has not changed significantly, remaining around seven minutes. Throughout the second half of 2024, the longest singular attack recorded extended over eight days, demonstrating the continuous and relentless nature of such cyber threats.
Selectel continues to analyze this influx of cyber threats with the hope of improving response strategies and overall IT resilience. "Attack volumes peaked at 412 Gbps during November, showcasing the growing intensity of cyber threats," Selectel reported. Such insights can help companies rethink their cybersecurity protocols and reaffirm their commitment to securing their digital assets from these ever-evolving threats.
By the end of 2024, over 112,171 attacks were documented by Selectel, marking this year as particularly impactful for the cybersecurity framework within Russia and beyond. Clients struggling with these onslaughts are reminded of the importance of implementing comprehensive DDoS protection measures to safeguard themselves against the challenges posed by modern cybercriminals.
Overall, the report illuminates the growing trend of DDoS attacks, urging businesses, government organizations, and all stakeholders to strengthen their defenses. The essence of this pivotal report from Selectel paints a picture of urgency for enhanced cybersecurity measures moving forward.