DDoS Attacks in H1 2023 Up 200% from 2022 According to New Zayo Data

● New Zayo report analyzes trends in Distributed Denial of Service attacks from the first half of 2023

● DDoS attack activity increased nearly four-fold from Q1 to Q2 2023, spurred by increased automation

Zayo Group Holdings, Inc., a leading global communications infrastructure provider, announced its annual Distributed Denial of Service (DDoS) Insights Report, analyzing DDoS attack activity and impact across industries in the first half of 2023.

The global landscape of increasing digitization, political unrest and the emergence of widespread adoption of work-from-home have all contributed to an increase in DDoS attacks, which jumped 200% in H1 2023 compared to the full year 2022.

Key Findings in Brief:

● Rapid Acceleration of Attacks: There was a 314% increase in overall attacks from the first half of 2022 to the first half of 2023. But that’s putting it lightly—in some industries, the growth was over 1,300%.

● Q2 2023 Reached a Fever Pitch: As attackers continue to exploit the sophistication of AI and automation, there was a 387% increase in attack activity from Q1 to Q2 of this year alone.

● Industries Under Fire:

○ Telecommunications companies were a prime target for attackers due to the critical role telecom providers play in providing communication and Internet services. The industry saw the most frequent attacks, accounting for roughly half of the total attack volume, with more than 37,000 attacks in the first half of 2023.

○ Education, which had the highest frequency of attacks in the first half of 2022, was just behind the telecommunications industry. Cloud and Software as a Service (SaaS) companies also saw a significant increase in the frequency of attacks from the first half of 2022 to the first half of 2023.

○ Retail, telecommunications and media companies experienced the largest attacks, with an average attack size of 3 Gbps across all three verticals, which is a large enough attack to take down one to two offices depending on the company size. The largest aggregate attack, against the telecom sector, was 978Gbps. Comparatively, in 2022, telecommunications and government experienced the largest attacks.

○ The government sector experienced the longest attacks of any sector, a change from healthcare in 2022. Across all industries, the average duration of attacks increased by 216% from Q1 to Q2, with the finance industry seeing the largest leap from 41 minutes to 108 minutes.

Why it Matters:

DDoS attacks are the most common cyberattack against an organization’s online presence. These are deliberate attacks in which a target’s Internet circuit is flooded with fake or illegitimate traffic to prevent true user traffic from passing. Even small attacks can cause hours of downtime, resulting in immense costs for businesses, including lost money, time, customers and reputation.

No matter the attack frequency, duration, or size, unprotected organizations experienced an average cost of $200,000 per DDoS attack, according to HubSpot. Even small businesses are hit hard, with average costs of $120,000 to recover.

“When your business will get hit by a DDoS attack is a game of probability,” said Anna Claiborne, SVP of Packet and Product Software Engineering at Zayo. “With a huge rise in attacks in 2023 and more attacks over 100Gbps, the odds are not in your favor. While there are a myriad of statistics on the cost of remediating a DDoS attack, the long-tail loss of customer confidence after an attack is difficult to quantify and even more difficult to fix. Running any business on the Internet without DDoS protection is a risk, and you have to ask yourself if it’s one worth taking.”

To download the full report and learn more about how Zayo can help protect your business from cyber attacks, visit https://www.zayo.com/resources/truth-and-trends-of-ddos-attacks/.