In the second half of 2024, the number of DDOS attacks in Russia increased significantly, with a 2.6 times rise compared to the first half of the year. A Selectel report revealed that a total of 80,735 attacks were recorded from July to December, averaging 13,455 attacks monthly, with the highest number occurring in October.
The peak power during this period reached 412 Gb/s, with a speed of 103 million packages per second. The most active months for powerful attacks were July and November, while the longest incidents occurred in October. On average, each attack targeted varied from 2,780 to 4,621 attacks per month, with September setting a new record for this indicator.
DDOS attacks vary in their impact, some aimed at overloading data transfer channels, while others exhaust computing power of network equipment. The most voluminous attack was recorded in November, with a transfer rate of 412 Gb/s, while the largest amount of traffic for one incident occurred in July, reaching 48 GB with 500 million transferred packages.
The highest speed was recorded in July at 103 million packages per second, compared to December’s 22 million packages per second. The total duration of attacks in six months was 9,718 hours, with October experiencing the most intense attacks at 2,167 hours.
The most common types of attacks observed were TCP PSH/ACK Flood, TCP Syn Flood, and UDP Flood, accounting for 70% of all cases. UDP Flood involves a mass display of datagrams for random or specified ports, requiring significant computing resources. TCP Syn Flood creates numerous half-open connections, while TCP PSH/ACK FLOOD involves sending a stream of false packages to overload the network.
Throughout 2024, a total of 112,171 attacks were recorded, totaling 13,613 hours of attacks. The number of repeated incidents increased, indicating an evolution of threats with attackers utilizing more complex methods. The heightened intensity of attacks and the rise of repeated incidents emphasize the importance of network infrastructure security.