The number of mixed multi-vector DDoS attacks doubled in Q1 2024

The number of mixed multi-vector DDoS attacks doubled in Q1 2024 compared to the previous quarter. Such attacks comprised 23.22% of the total volume, according to a report by Qrator Labs, a leading provider of cyber attack mitigation services. A multi-vector DDoS attack combines several vectors, for example an attack on a range of IP addresses in the target's infrastructure together with an application-level attack on a single website IP address.

The company attributed this surge to the enhanced capabilities now available to hackers. “This increased power enables the orchestration of numerous attacks in a ‘carpet bombing’ style (continuous, intense, sequential strikes over vast areas),” notes Victor Zyamzin, the Chief Business Officer at Qrator Labs. The authors of the report further note that such multi-vector attacks are more likely to succeed because most cybersecurity solutions focus on protecting individual IP addresses rather than entire infrastructures and networks.

Among single-vector attacks, IP fragmented floods dominated in Q1 2024, constituting 40.76% of all incidents. UDP floods followed, representing 24.64% of attacks; however, this figure marked a decline of one-third from the previous quarter and a 12.56% drop year-over-year.

Overall, the largest number of DDoS attacks occurred in the e-commerce segment, accounting for 25.26% of all incidents. The financial technologies segment followed in second place with 22.63%, and educational technologies ranked third with 13.16%. As for micro-segments, online stores were the most frequently targeted, suffering 20% of all attacks. Banks accounted for 13.68% of attacks, while online education took third place with an 11.68% share.

The longest attack was recorded in the e-commerce segment. The incident took place in February and lasted almost three weeks. The second longest attack, lasting 72 hours, was detected in the online betting segment. Rounding out the top three was a six-hour-long incident in the banking segment.

In terms of attack intensity, online betting, internet retail, and hosting platforms saw the highest peaks, reaching 881.8 Gbps, 686.6 Gbps, and 270.5 Gbps, respectively. Notably, media, social networks, food service, and manufacturing sectors also saw peak intensities exceeding 100 Gbps. “Previously, attacks on the manufacturing sector were rare, but the figures from the first few months of this year present surprises and prompt consideration of emerging trends in network security,” notes Zyamzin.

The report's authors note that attacks in Q1 2024 show signs of being commercial attacks, which have been gaining popularity since last year. “This trend is natural, given the expansion of communication channels, the transition to new protocols to optimize the work of remote offices, and the ease and low cost of organizing DDoS attacks. All of these factors provide opportunities for malicious actors to influence businesses. As a result, companies face reputational risks, direct financial losses, lost profits, disrupted marketing campaigns, and resources spent on restoring system functionality,” states Zyamzin.