In 2024, Cloudflare reported a massive 53% increase in DDoS (Distributed Denial-of-Service) attacks compared to the previous year. The most jaw-dropping moment came when one attack hit a record-breaking 5.6 Terabits per second (Tbps), making it the largest DDoS attack ever recorded. Granted, this is to be expected, as we advance our security, threat actors also advance their tools to break that security.
Cloudflare Blocks Over 21 Million DDoS Attacks
Cloudflare blocked a staggering 21.3 million DDoS attacks in 2024. The fourth quarter was especially intense, with more than 420 attacks exceeding 1 Tbps, a 20-fold increase compared to the previous quarter. Among these, the Halloween week attack stood out as the most memorable—Cloudflare’s systems successfully blocked the 5.6 Tbps assault.
Most of the attacks came from botnets, with HTTP DDoS attacks being the most common. Attackers have become more sophisticated, using older versions of Chrome (from 118 to 129) to blend in with regular traffic. Even more concerning, Cloudflare found that 99.9% of requests from certain smart TVs and set-top box user agents were malicious.
Additionally, attackers are often opting for HEAD or DELETE requests, which are less common than the usual GET and POST methods, making it harder for defenders to spot malicious traffic.
The DDoS Attacks
When it comes to network protocols, SYN Floods, DNS floods, and UDP floods were the most popular attack methods. The largest DDoS attack of the year came from a Mirai-variant botnet using UDP, targeting a Cloudflare Magic Transit customer in Eastern Asia. This attack lasted only 80 seconds but involved over 13,000 IoT devices.
While most DDoS attacks are smaller in scale—typically involving fewer than 50,000 requests per second and lasting under 10 minutes—some of the larger attacks can last for hours, firing millions of requests per second.
Indonesia was the biggest source of DDoS attacks in 2024, followed by Hong Kong, Singapore, and Ukraine. On the flip side, the most targeted countries included China, the Philippines, Taiwan, and Germany.
Who Dunnit?
Businesses often believe their competitors are behind these DDoS attacks (40%), but state-sponsored hackers (17%) and disgruntled customers (17%) are also common culprits. Cloudflare also noted an uptick in ransom DDoS attacks, a trend that spikes during the holiday season when cybercriminals look to disrupt online shopping, travel, and holiday activities.
2024 was a record-breaking year for DDoS attacks, and it’s clear that businesses need to stay vigilant. With attackers getting more creative and the stakes higher than ever, being prepared to defend against these threats is more important than ever.
We hope you’ve liked this blog and that you’ll stick around to see our future releases. We cover everything from recent IT News to Knowledgebase articles. Thanks for reading!
