A new report by Zayo Group has revealed an 82% increase in Distributed Denial of Service (DDoS) attacks from 2023 to 2024.
The report indicates that the number of attacks rose from 90,000 incidents in 2023 to more than 165,000 in 2024. Zayo Group says the increase is attributed to cybercriminals utilising artificial intelligence (AI) and the wider adoption of Internet of Things (IoT) devices, allowing them to carry out attacks that are faster, more persistent, and increasingly sophisticated.
Max Clauson, Senior Vice President of Network Connectivity at Zayo, stated, "We're seeing attackers use larger botnets of compromised IoT devices and AI to drastically increase the scale of attacks.
"As the sophistication of DDoS attacks continues to grow, cybercriminals are finding ways to exploit cloud services, higher bandwidth availability, and new vulnerabilities in software and network protocols. Both the public and private sector need to invest heavily in DDoS mitigation to continue to protect critical infrastructure and ensure long-term data security," he said.
The report showed that tlecommunications has remained the most targeted sector, accounting for 42% of all incidents in 2024, though this marks a decrease from 48% in 2023. Meanwhile, the finance sector saw its share of attacks double, rising from 3.5% in 2023 to 7% in 2024.
Cloud and Software as a Service (SaaS) companies witnessed a notable increase in attacks, representing 11% of total attacks for the year, with 15,740 occurrences in the latter half of 2024 alone. The healthcare sector experienced a significant increase of 223% in attacks, while the manufacturing industry saw the average attack size grow by 257% from 2023 to 2024, according to the report.
The report says that the financial impact of these attacks on businesses is severe, with each incident costing nearly USD $234,000, calculated at a rate of USD $6,000 per minute for an average attack duration of 39 minutes. The attacks predominantly take place during business hours, strategically designed to maximise disruption.
There is also an anticipated increase in the use of DDoS-as-a-Service, which lowers the barrier for conducting attacks, potentially leading to more incidents and diverse attack methods. This highlights the essential nature of proactive and scalable DDoS protection for organisations of any size.
Zayo's report emphasises that DDoS attacks remain a significant threat, potentially causing extensive financial, operational, and reputational damage to organisations. Effective mitigation measures are crucial as AI and automation continue to evolve within the threat landscape.
