Nearly 90% of Q4 DDoS attacks were potentially
'hit and run" style, probing attacks
DENVER, Feb. 13,
2023 /PRNewswire/ -- Lumen Technologies® (NYSE: LUMN)
today released its latest report detailing Distributed Denial of
Service (DDoS) activity from Q4- and full-year 2022. The report
includes 2023 predictions, a DDoS cost breakdown, and Q4 and
full-year data from the Lumen DDoS mitigation service.
Join Lumen DDoS experts in a live, online
Q&A on Tuesday, Feb. 14 at
9:30 a.m. MT
Additional analysis provided by the Lumen Black Lotus Labs®
threat intelligence team, their intelligence feeds Lumen's Rapid
Threat Defense – a proprietary countermeasure that automatically
blocks attacks before they reach the customer's network.
Read the Lumen Q4 2022 DDoS Report, and register for a live
Q&A with Lumen security researchers who will discuss the
findings on Tuesday, Feb. 14, 2022,
at 9:30 a.m. MT.
"Companies' digital interactions with partners and customers are
accelerating, and that's led to both an increase in attacks, and
subsequent investments in DDoS- and application layer-protections,"
said Andrew Dugan, chief technology
officer for Lumen. "In addition to mitigating the largest DDoS
attack to-date in 2022, we observed hit-and-run style attacks along
with complex campaigns targeting governments, civilian
infrastructure and high-profile industries. We expect these trends
to continue in 2023, underscoring the need for comprehensive web
application and API security solutions."
2023 DDoS predictions
Researchers reviewed data from the Lumen DDoS mitigation service
to develop the following predictions for 2023:
- Attackers will find new resources to leverage.
Cybercriminals and defenders are constantly maneuvering to stay one
step ahead. In 2022, attackers began leveraging cloud-based,
virtual services in ways never seen before. We anticipate they will
look for similar new attack methods in 2023.
- Expansion of the victim pool. Large organizations
continue to fortify their defenses, so we believe attackers might
begin targeting small- and mid-size businesses. These organizations
typically have fewer cyber defenses, but they still have critical
data and applications that could attract criminals.
- Timing is intentional. While DDoS attacks have become
ubiquitous with certain days like Cyber Monday, data from the Lumen
DDoS mitigation service reveal the most popular week for DDoS
attacks in 2021 and 2022 were the days surrounding the July 4 holiday in the
United States. Lumen predicts attackers will coordinate
attacks to coincide with holidays and culturally significant events
throughout 2023.
The cost of a DDoS attack
The Q4 DDoS report also includes a breakdown of the potential
cost of a DDoS attack. The estimate is based on data entered into
Lumen's online DDoS Impact Calculator. Several factors influence
the cost, so researchers developed a generic use-case based on the
following assumptions:
- The simulated victim is a Software and Technology company with
$2 billion in annual revenue.
- Online motions account for $500
million of total revenue.
- The company has a small IT team with two employees dedicated to
fixing security issues.
- On average, security-related incidents generate 25 customer
support calls per hour.
Results: This organization is expected to be targeted with 13
DDoS attacks per year resulting in 19 hours of downtime per attack
at a cost of nearly $21 million.
Notable DDoS statistics from the Q4
DDoS report
Q4 2022
- Nearly 90% of all DDoS attacks in Q4 were potentially "hit and
run" style. These attacks last 30 minutes or less, and threat
actors frequently use them to probe a target's defenses before
launching a larger, sustained attack.
- Domain Name System (DNS) is an essential service, and the
number of DNS amplification attacks increased 73% quarter over
quarter.
Full-year
- Lumen mitigated 22% more DDoS attacks in 2022 than in
2021.
- The largest attack Lumen mitigated in 2022 was 1.06Tbps. It
occurred in Q2 2022 and was also the largest DDoS attack Lumen has
mitigated to-date.
Additional resources
- Read the full Q4 2022 DDoS Report.
- Join Lumen DDoS experts in a live, online Q&A on
Tuesday, Feb. 14 at 9:30 a.m. MT.
- Refer to the Q4 2022 DDoS report for more details about this
use case.
- See Lumen's analysis of the security trends observed in 2022
that could shape defenders' responses in 2023.
- Visit the Lumen Quarterly DDoS report archive.
- Learn about Lumen's comprehensive DDoS mitigation and Next-gen
WAF/WAAP services.
- See how Lumen Rapid Threat Defense uses global threat
intelligence from Black Lotus Labs® as a countermeasure to block
DDoS bots on the network as traffic hits a scrubbing center.
About Lumen Technologies
Lumen is guided by our belief that humanity is at its best when
technology advances the way we live and work. With approximately
400,000 route fiber miles and serving customers in more than 60
countries, we deliver the fastest, most secure platform for
applications and data to help businesses, government and
communities deliver amazing experiences. Learn more about the Lumen
network, edge cloud, security, communication and collaboration
solutions and our purpose to further human progress through
technology at news.lumen.com/home, LinkedIn:
/lumentechnologies, Twitter: @lumentechco, Facebook:
/lumentechnologies, Instagram: @lumentechnologies and YouTube:
/lumentechnologies. Lumen and Lumen Technologies are registered
trademarks in the United States.
Services not available everywhere. Business customers only.
Lumen may change, cancel or substitute products and services, or
vary them by service area at its sole discretion without notice.
©2021 Lumen Technologies. All Rights Reserved.
View original content to download
multimedia:https://www.prnewswire.com/news-releases/lumen-research-reveals-latest-ddos-stats-trends-predictions-and-costs-301744499.html
SOURCE Lumen Technologies