Worldwide DDoS Attacks More Than Doubled


In 2022, the total number of distributed denial of service (DDoS) attacks worldwide increased by 115.1% over the amount observed in 2021, according to new research from Nexusguard released in its DDoS Statistical Report for 2022.

The data also showed that cyber attackers continued to alter their threat vectors by targeting the application platforms, online databases, and cloud-based storage systems within Internet Service Providers (ISPs).

This resulted in a significantly greater impact globally as organizations continue to move more of their workloads to the cloud.

While the overall number of DDoS attacks did more than double, the maximum size of 361.9 gigabits per second (Gbps) represented a 48.2% decrease over those measured in 2021. Average attack size also shrank by 22.4%.

The majority of DDoS threats (85.6%) in 2022 were single-vector attacks, which is almost identical to the percentage seen in 2021. UDP- (user datagram protocol) based and TCP- (transmission control protocol) based attacks were the most popular attacks by type, accounting for 72.5% and 23.0% respectively.

Other key findings include:

  • The top three DDoS attack vectors were NTP (network time protocol) amplification, memcached, and UDP attacks.
  • UDP based attacks increased 121.3% year-over-year (YoY). TCP based and other attacks also grew significantly.
  • Amplification attacks grew by 414.6% YoY.
  • Application attacks saw enormous growth, increasing by 718.1% YoY.

“Although DDoS attack size dropped in 2022, we saw a significant jump in the overall number of attacks, making the need for greater awareness and vigilance more essential today,” said Juniman Kasman, chief technology officer of Nexusguard. “Cyber attackers also continue to target critical infrastructure within ASN-level Communications Service Providers (CSPs), especially ISPs, which results in an incredibly far-reaching effect as the organizations relying on those providers are also negatively impacted.”