Zayo Group Holdings, a prominent player in communications infrastructure, has sent shockwaves through industries with the release of its Annual Distributed Denial of Service (DDoS) Insights Report, offering a chilling analysis of the first half of 2023.
Explosive Rise in Attacks: The report highlights an astounding 314 percent upsurge in overall DDoS attacks in the first half of 2023 when compared to the same period in the previous year. Yet, this staggering statistic only scratches the surface – certain industries faced an astronomical increase of over 1,300 percent.
Q2 2023: An Unprecedented Escalation: The ominous trend continued to worsen in the second quarter of 2023, demonstrating an alarming 387 percent spike in attack activity compared to the first quarter of the same year. Cyber attackers are leveraging the power of AI and automation to advance their assault strategies.
Industries in Peril: Telecommunications companies emerged as prime targets due to their critical role in enabling communication and internet services. This sector bore the brunt of attacks, accounting for nearly half of the total attack volume, amassing over 37,000 attacks during the first half of 2023.
The education sector, previously the most targeted industry in the first half of 2022, followed closely behind telecommunications. Cloud and Software as a Service (SaaS) enterprises experienced a substantial increase in attack frequency between the first halves of 2022 and 2023.
Magnitude of Attacks: Retail, telecommunications, and media entities suffered the largest attacks, with an average attack size of 3 Gbps across these verticals. Such an attack scale is potent enough to disrupt the operations of one to two offices, depending on the company’s size. The most colossal aggregate attack, at a staggering 978 Gbps, targeted the telecommunications sector, a shift from the trends observed in 2022, which targeted telecommunications and government sectors.
Prolonged Onslaughts: Unlike the previous year where the healthcare sector faced the longest attacks, the government sector held this unfortunate record in 2023. On average, across all industries, the duration of attacks skyrocketed by 216 percent from Q1 to Q2. The finance sector experienced the most substantial jump, with attack duration soaring from 41 to 108 minutes.
The Grave Implications: DDoS attacks represent the most prevalent form of cyber threats aimed at an organization’s online presence. These attacks flood a target’s internet circuit with bogus or malicious traffic, obstructing legitimate user traffic. Even small-scale attacks can result in hours of downtime, incurring substantial costs in terms of lost revenue, time, customers, and reputation.
Regardless of attack frequency, duration, or size, companies without adequate protection bore a hefty average cost of $200,000 per DDoS attack, according to HubSpot. Even small businesses were not spared, grappling with an average recovery cost of $120,000.
Anna Claiborne, SVP of Packet and Product Software Engineering at Zayo, emphasized the dire circumstances: “The odds of your business falling victim to a DDoS attack are rapidly increasing. The pervasive surge in attacks and the rise of attacks exceeding 100Gbps paint a grim picture. The ramifications extend far beyond immediate costs, as the long-term loss of customer trust is challenging to quantify and repair. Operating a business online without robust DDoS protection is a risk that demands careful consideration.”
As the threat landscape intensifies, organizations find themselves at a crossroads, compelled to fortify their digital defenses to fend off the escalating menace of DDoS attacks.
