UNDER ATTACK? CALL US

THANK YOU FOR YOUR INTEREST IN NSFOCUS REPORTS​

2023 Global DDoS Landscape Report

Global DDoS Landscape Report cover design.

The 2023 Global DDoS Attack Landscape Report provides a comprehensive analysis of the current state of Distributed Denial of Service (DDoS) attacks, highlighting significant shifts in strategies, targets, and the evolving threat landscape. A remarkable increase in attack scales, with a surge in large-scale incidents, has been observed, indicating a more aggressive and coordinated cyber-attack ecosystem. The report reveals a clear trend towards the use of Application Layer attacks, with HTTPS Flood emerging as the predominant method, leveraging the widespread adoption of HTTPS protocols.

Key Findings:
  • Scale and Frequency of Attacks: A significant increase in large-scale DDoS attacks with a record number of incidents exceeding 500Gbps, indicating a more aggressive and coordinated threat landscape.
  • Application Layer Dominance: HTTPS Flood emerged as the leading DDoS attack method, reflecting a shift towards application layer attacks that exploit the widespread use of HTTPS protocols.
  • Geopolitical Cyber Warfare: DDoS attacks are increasingly being used as strategic tools in geopolitical conflicts, targeting government and critical infrastructure to disrupt services and create chaos.
  • APT Attack Prelude: There’s a growing trend of DDoS attacks serving as a cover for more sophisticated APT attacks, highlighting the need for comprehensive defense strategies.
  • Emerging Attack Vectors: The report identifies new DDoS attack methods, such as SLP reflection amplification and HTTP/2 Rapid Reset attacks, underscoring the importance of vigilance against evolving security threats.
  • Botnets and IoT Vulnerability: Botnets, especially those operating on IoT platforms, remain a significant threat, with botnets being increasingly commercialized, making DDoS attacks more accessible to a broader range of attackers.
  • Commercialization of DDoS Services: The availability of DDoS attack services for hire, often through social media and dark web platforms, has democratized access to these attacks, posing a challenge for cybersecurity defenses.