DDoS Attacks Increase 56 % YoY, according to Gcore DDoS Radar.

by

Feb 11, 2025The Hacker NewsIoT Security / Cloud Security

The most recent from Gcore examines attack data from Q3 to Q4 2024, showing a 56 % U increase in overall DDoS attacks with the largest strike peaking at a report 2 Tbps. The financial services sector saw the most serious increase, with a 117 % rise in problems, while gambling remained the most-targeted business. The findings of this time point out the need for strong, dynamic DDoS mitigation as attacks get more exact and frequent. This dive into the figures.

Important insights: the future of DDoS protection

What are the four most important lessons learned from Gcore Radar:

    DDoS problems are increasing in volume and style. The need for superior protection is highlighted by the 17 % increase in overall attacks and new peak level of 2 Tbps.

  • Financial companies are increasingly at risk. With a 117 % increase in problems, this industry requires heightened safety measures.
  • Shorter, high-intensity problems are now the rule. Traditional reduction strategies must conform to quick burst attacks that can obstruct detection.
  • Political factors affect strike patterns. Understanding the origins of attacks you aid in strengthening strong mechanisms in highly vulnerable areas.

DDoS strike speed reaches new highs

The statement points out a steady rise in the frequency of attacks. Compared to Q3–Q4 2023, DDoS attacks have risen by 56 %, underscoring the long-term growth trend.

Gcore looks at a number of scientific and environmental factors that are likely to be a factor in the rise in problems:

    Easy access to strike tools: DDoS-for-hire services and botnets have lowered the challenge for developing problems.

  • Expanding IoT risks: Poorly secured IoT devices continue to fuel larger bots.
  • Social problems and financial motivations contribute to targeted attacks, both politically and economically.
  • More advanced attack techniques: Multi-vector and application-layer attacks make reduction more difficult.

Largest harm reaches 2 Tbps

The largest recorded attack in Q3–Q4 2024 hit 2 Tbps, targeting a key global entertainment business. This represents an 18 % increase from the previous peak of 1.7 Tbps in Q1–Q2 2024.

Large-scale problems like these are frequently rapidly stopped, but their destructive potential is growing. Terabit-level problems can cause widespread service disruptions and economic costs, especially for businesses reliant on real-time operations.

Financial services are in the spotlight, but game continues to be the most popular objective.

Gaming remains the most-attacked sector, though its share of total attacks dropped from 49 % in Q3–Q4 2023 to 34 %. Possible theories include:

  • Improved DDoS safety that makes adversaries shift their focus
  • continued motivation for attacks as a result of dynamic gaming and fiscal incentives
  • Higher earnings effect from support downtime

Also notable is the uptick in attacks on financial services, rising from 12 % to 26 % of total incidents. The firm’s large regulation, vital website service, and sensitivity to ransom-based episodes make it a prime target.

The whole stock market information for media and entertainment, retail, telecommunications, systems, and various industries.

ACK floods and shorter bursts are rising.

During H2 2024, network-layer attacks were more prevalent, highlighting the spread of DDoS attacks across all network and application layers.

At the network layer, UDP flood attacks remain the most common method, accounting for 60 % of all network-layer attacks. However, ACK flood attacks are on the rise, now making up 7 % of total attacks. These attacks mimic legitimate traffic, making mitigation more challenging.

At the application layer, L7 UDP flood attacks accounted for 45 %, while L7 TCP flood attacks rose to 37 %. Gcore points out that the latter is becoming more popular because it can evade conventional filtering mechanisms.

Shorter but more disruptive attacks

One of the most notable changes is the shorterening of the attack. The longest recorded attack in Q3–Q4 2024 lasted just five hours, compared to 16 hours in the previous period.

Shorter, high-intensity burst attacks are becoming more common. These attacks:

    Avoid being caught repeatedly while quickly disrupting services.

  • Mimic legitimate traffic patterns, making mitigation more complex.
  • Serve as smokescreens for other cyberattacks, including ransomware.

Geopolitical influences

Geopolitical tensions and economic rivalries continue to shape the DDoS landscape, with politically motivated attacks targeting financial services, critical infrastructure, and high-value enterprises. Meanwhile, regions with dense internet infrastructure—such as the Netherlands, the US, and China —serve as both launch points and battlegrounds for cybercriminal groups leveraging botnets, proxy networks, and DDoS-for-hire services.

The report lists the key areas that are involved in DDoS attack traffic:

    Both attack layers are most heavily influenced by the US and the Netherlands.

  • Brazil is a growing hub for network-layer attacks.
  • Both China and Indonesia make a significant contribution to global attack volumes.

Download for application-layer attack geographic data.

Gcore DDoS Protection: mitigating the new wave of attacks

uses more than 200 Tbps of filtering power to stop attacks in real-time across six different continents. Organizations must adopt proactive defense strategies to protect their digital assets as DDoS threats grow.

Note: This article is expertly written and contributed by Andrey Slastenov, Head of Security at Gcore.

Found this article interesting? One of our valued partners contributed to this article. To read more exclusive content we post, follow us on and Twitter.

DNS checker

Leave a Comment