Content
2024 we saw some of the largest attacks to date. These included the Mirai botnet attack on an Asian hosting provider at over 2Tbps and one of the largest known DDoS attacks in Europe at 1.4Tbps, which was fully mitigated by Link11.
The frequency of DDoS attacks is also steadily increasing. Link11 has already seen an increase of over 26% in the first half of the year compared to the first half of 2023. Other providers are also seeing an increase in DDoS attacks of up to 60% in 2024. According to the ENISA Threat Landscape 2024, DDoS attacks are the most common threat in the EU and account for the largest share of cyberattacks analyzed between July 2023 and June 2024 at over 40%. They surpassed ransomware (25.8%) and data theft (19%). This development clearly shows how easy it is to carry out such cyberattacks and how readily available DDoS-as-a-Service is.
The impact of artificial intelligence
Although difficult to quantify, Artificial Intelligence (AI) is already being used in a wide range of cyber incidents. This is evidenced by the significant increase in the frequency of attacks, the enormous size of some of these DDoS attacks, and the orchestrated execution of multi-vector attacks. However, botnets and attacks are difficult to reverse engineer and tend to be transient in nature, making accurate analysis difficult.
Risk management and compliance will become more important
In 2024, there was a trend towards agile risk management, in which organizations can respond quickly to new cyber threats, including DDoS attacks. Advanced data analysis and AI-based risk assessment tools are increasingly being used to identify potential vulnerabilities and automate compliance monitoring.
Learn more about a GDPR-compliant, cloudbased and patented DDoS Protection that delivers, what it promises.
Outlook for 2025: New targets, more monitoring, stronger attacks
Shift in Targets: Traditional sectors such as gaming and financial services remain vulnerable, and the motivation for politically motivated attacks on governments and critical infrastructure remains high. At the same time, new industries such as cryptocurrencies and biotechnology are increasingly becoming the focus of attackers. This development shows that attackers are increasingly turning their attention to industries with high-value assets and sensitive business processes.
Bigger and badder: DDoS attacks will continue to increase in size, frequency and sophistication. Advanced techniques will continue to be used alongside more typical volumetric vectors to take advantage of the ever-increasing backbone and enterprise network capacity. The proliferation of IoT and improved botnet capabilities will result in more attacks regularly exceeding 200Gbps.
Importance of observability: Organisations will dig deeper into their operations to better monitor their IT stacks (whether on-premises, cloud or hybrid) to better understand the impact of cybercrime. The focus is not just on protecting the perimeter, but also on measuring impact and workload to meet regulatory requirements and to better understand the impact and vulnerabilities during an attack. The overall goal is to improve end-to-end security.
Growing importance of API inventory: A growing problem for organisations will be the lack of visibility into their API landscape. As the number of APIs used both internally and externally grows, organisations will lose sight of the big picture. In 2025, organisations will increasingly rely on a comprehensive inventory of their APIs to identify vulnerabilities, meet compliance requirements and reduce the cost of API management.
Cyber insurance on the rise: Faced with an ever-evolving threat landscape and the increasing possibility of business interruption and customer loss, organisations will increasingly purchase cyber insurance to mitigate these risks. In addition, increasing regulatory pressure and the need to reduce potential legal and financial liability will prompt companies to take a hard look at their business processes and weigh the risk of an uninsured event.
The bottom line
The threat from DDoS attacks remains serious. Organisations need to be prepared for the constant evolution of attack methods and adapt their security measures accordingly. Investing in advanced technologies such as DDoS protection solutions, enhanced monitoring and a robust risk management and compliance framework is essential to protect against this threat.
Share this post
