Unveiling the New Threat Landscape

Next Section

The rising tide of DDoS attacks threaten organizations worldwide that deliver critical access and services. This tide brings new threats, evolving tactics, and a doubling-down on adversary methodologies to launch hybrid application-layer and botnet-based direct-path DDoS attacks.

From our first Worldwide Infrastructure Security Report (WISR) in 2005 to our 5th Anniversary DDoS Threat Intelligence Report today, we have witnessed a tenfold increase in DDoS attacks. These attacks evolved from simple denial-of-service to dynamic distributed denial-of-service where attacks evolve and adapt to counter network defenders. This is unfolding while adversaries continue to expand and launch new botnets to devastating effect, creating a shifting paradigm with direct-path attacks at the center. Complex multi-vector attacks and more sophisticated adversary methodologies have become commonplace, highlighting the need for intensive scrutiny of the threat landscape and an ever-evolving defense-in-depth positioning to weather the onslaught of attacks that include carpet-bombing to application-layer and state-exhaustion attacks.

These attacks have a very real impact as reported by our customers, the largest service providers and enterprises in the world. We continue to invest heavily in research and development of our Visibility Without Borders®, ATLAS platform, as we have done for over the last two decades. ATLAS is the key to understanding these threats, learning from them, and positioning organizations to mitigate these attacks. It is also the fuel that powers this DDoS Threat Intelligence Report, enabling global DDoS awareness and defense. We would like to thank our customers for supporting and joining us in this mission, as Guardians of the Connected World.


Key Findings

Scaling Internet Traffic to Infinity and Beyond

With more than 34 exabits of daily network transit and aggregate peaks at 436 petabits of DDoS attack traffic reported by ATLAS, large-scale DDoS mitigation is critical.

Bad Bots in Business

Direct-path attacks surged as bots powered by server-class hardware and high-speed wireless widened the gap from volumetric attacks to a staggering 36 percent, a difference of nearly 2 million attacks.

Rising Tides in Attack Methodology

From TCP direct-path attack vectors to carpet-bombing and application layer attacks against DNS servers and websites, adversaries accelerated their adoption of attack targets and techniques, resulting in huge increases in the second half of 2022.

Dissecting an Adaptive DDoS Attack

Monitoring the efficacy of attacks is nothing new in the DDoS world, but the variations in attack size, scale, and complexity are worth scrutiny, as our detailed examination of a weeklong attack on the energy sector demonstrates.

DDoS Attack Motivations Know No Bounds

From nihilism to extortionism, adversaries waged a war across the world, intent on their goal in denying access to critical resources and information for tens of millions of users.

Takedown and Take Action

A global effort and global participation is what it takes to put even the smallest dent in the DDoS threat landscape, but is that enough? Analysis revealed some success in three distinct areas: security practices, DDoS-for-hire takedowns, and botnet disruptions.
<p>Asia Pacific</p>

Regional Highlights

Asia Pacific

Learn more
<p>Europe, Middle East, and Africa</p>

Regional Highlights

Europe, Middle East, and Africa

Learn more
<p>Latin America</p>

Regional Highlights

Latin America

Learn more
<p>North America</p>

Regional Highlights

North America

Learn more
<p>Global<br />Highlights</p>


Learn more
<p>Country<br />Analysis</p>


Learn more
<p>DDoS Attack<br />Vectors</p>

DDoS Attack

Learn more
<p>DDoS-Capable<br />Botnets</p>


Learn more