New DDoS Report for 2022

  • Lisa Fröhlich
  • February 23, 2023

Table of content

    New DDoS Report for 2022

    Adaptive and complex – DDoS attacks and their Metamorphosis 

    • DDoS attacks in 2022: Critical payload reached after 55 seconds on average (2021: 184 seconds) 
    • Increase in packet rate: Average number in 2022 is 3.3 million packets per second – only 990,000 in the previous year. 
    • Absolute decrease in attacks by -79%: A deceptive all-clear? 

    Frankfurt, February 23, 2023. After the very high DDoS attack numbers in 2021, mainly due to the effects of the Corona pandemic, the war in Ukraine led to an increase in mainly politically motivated DDoS attacks. Attacks on the Link11 network decreased year-on-year for the first time in 2022 (-79%). Nevertheless, the long-term trend of increasing cyberattacks is unstoppable. Experts at the World Economic Forum warned of a veritable “cyber storm” expected in the coming years.

    Turbo attacks and packet rate driving new DDoS reality 

    “We are currently seeing a very dynamic situation,” says Lisa Fröhlich, company spokesperson at Link11. “Attacks may have decreased, but the attacks recorded in 2022 were more adaptive, intense, and sophisticated.” One of the reasons for this is the so-called “turbo attacks.” DDoS attacks recorded in the Link11 network were analyzed by how many seconds must pass after the first bytes are transmitted before the traffic reaches its maximum value.  

    These very fast-onset attacks reached their  critical payload in 2022, an average of just 55 seconds after the DDoS attack began. In comparison, attacks in 2021 peaked only after an average of 184 seconds. In addition, nearly three-quarters of attacks (71%) lasted less than five minutes in 2022.  

    Two other important factors accompany this trend. One is the increased average packet rate (3.3 million packets per second) compared to the previous year (990,000 packets per second). Second, the average total bandwidth of attacks has almost doubled. While it was 1.4 Gbit/s in 2021, it increased to 2.6 Gbit/s in 2022. 

    Attacks are simultaneously shorter and more intense. In addition, enterprises are highly targeted with sophisticated DDoS attacks. The more concentrated, targeted, and sophisticated attacks are, the more precision and speed are required to detect and defend against them. Therefore, time is becoming increasingly essential in dealing with DDoS attacks.  

    DDoS as a tool of geopolitical warfare   

    Cyber actors deploy sophisticated malware or complex DDoS attacks even in peacetime, but using them as weapons in cyberwarfare has taken the threat to a new level. The consequences can be much more far-reaching. Since the German government pledged to supply battle tanks to Ukraine in January 2023, hardly a day goes by without media reports of DDoS attacks, especially on critical infrastructure operators. In its latest situation report, the BSI notes that the threat is “higher than ever.”    

    The pro-Russian hacker group “Killnet” has attracted much media attention since 2022. It has declared cyberwar on NATO countries, including Germany, and carried out attacks on critical infrastructure, airport websites, government services, banks, and the media – coupled with disinformation campaigns to unsettle the public.    

    Lisa Fröhlich, the company spokesperson at Link11, says: “2022 showed how dynamic and unpredictable the attack landscape is. Politically motivated DDoS attacks dominated as a component in cyber warfare. While it may look like a breather, the threat has not gone away – the number of attacks has already increased in January 2023 and the metamorphosis of DDoS attacks is well underway. They are becoming more diverse, complex, and sophisticated. This makes them an unpredictable threat to organizations of all types and sizes. ”  

    Click here to download the full report. 

    Link11 presents its advanced Cloud Security Platform at it-sa
    DDoS Competence Center introduced at CeBIT 2015 by Link11
    X