The maximum power during this period was 412 Gbps, and the highest speed reached 103 million packets per second. The most active months in terms of the number of powerful attacks were July and November, and the longest incidents were recorded in October. The average number of attacks on one target ranged from 2,780 to 4,621 per month, with September becoming a record-breaking month for this indicator.
DDoS attacks differ in the nature of their impact. Some are aimed at overloading data transmission channels, others - at exhausting the computing power of network equipment. The largest attack was recorded in November — 412 Gbps, but the average amount of data transferred per incident was minimal. In July, on the contrary, the largest traffic volume per incident was 48 GB, and the number of packets transferred reached 500 million, which is 24 times more than the minimum value in September.
The highest speed was recorded in July and amounted to 103 million packets per second. This is almost 5 times higher than the maximum figure in December, when the attack reached 22 million packets per second.
The total duration of attacks over six months was 9,718 hours. October was the busiest month — 2,167 hours of attacks were recorded, which is almost 2 times more than in November. On average, each attack lasted 7 minutes, but in December, a record-breaking incident was recorded — 202 hours, which is almost 10 times longer than in previous months.
The most common types of attacks are TCP PSH/ACK Flood, TCP SYN Flood and UDP Flood, which accounted for 70% of all cases. UDP Flood is a massive sending of datagrams to random or specified ports. Checking each packet requires computing resources, which, at high intensity, overloads the network. TCP SYN Flood consists of creating a large number of half-open connections that interfere with the processing of new requests. TCP PSH/ACK Flood overloads a node with a stream of false packets, forcing it to spend resources on processing them.
For the whole of 2024, 112,171 attacks were recorded, and the total attack time was 13,613 hours. The number of repeated incidents has increased: if in April the maximum total duration of attacks on one target was 172 hours, then in July this figure increased to 492 hours. In December, the duration of the longest attack reached 202 hours, while in April this figure did not exceed 156 hours.
The sharp increase in the number of attacks, their power and duration indicates the evolution of threats. Attackers use more sophisticated methods and combine different types of attacks, seeking to cause maximum damage. The high intensity of attacks and the growth of repeated incidents require increased attention to the security of network infrastructure.