Global communications infrastructure provider, Zayo Group Holdings Inc., in its yearly Distributed Denial of Service
(DDoS) report, has disclosed that the global landscape of increasing digitisation, political unrest and the emergence of widespread adoption of work-from-home have contributed to an increase in DDoS attacks, which jumped 200 per cent in the half year 2023 compared to the full year 2022.

The report observed that there was a rapid acceleration of attacks, a 314 per cent increase in overall attacks from the first half of 2022 to the first half of 2023. It stressed that putting it lightly in some industries, the growth was over 1,300 per cent.

According to the report, Q2 2023 reached a fever pitch. It explained that as attackers continue to exploit the sophistication of AI and automation, there was a 387 per cent increase in attack activity from Q1 to Q2 of this year alone.

Speaking on industries under fire, Zayo Group, said telecommunications companies were prime targets for attackers due to the critical role telecoms providers play in providing communication and Internet services. The industry saw the most frequent attacks; accounting for roughly half of the total attack volume, with more than 37,000 attacks in the first half of 2023.

It said that education, which had the highest frequency of attacks in the first half of 2022, was just behind the telecommunications industry. Cloud and Software as a Service (SaaS) companies also saw a significant increase in the frequency of attacks from the first half of 2022 to the first half of 2023.

Also, it said retail, telecommunications and media companies experienced the largest attacks, with an average attack size of 3Gbps across all three verticals, which is a large enough attack to take down one to two offices depending on the company size. The largest aggregate attack, against the telecoms sector, was 978 Gbps. In comparison, in 2022, telecommunications and the government experienced the largest attacks.

According to the report, the government sector experienced the longest attacks of any sector, a change from healthcare in 2022. Across all industries, the average duration of attacks increased by 216 per cent from Q1 to Q2, with the finance industry seeing the largest leap from 41 minutes to 108 minutes.

Zayo Group explained that DDoS attacks are the most common cyberattack against an organization’s online presence. These are deliberate attacks in which a target’s Internet circuit is flooded with fake or illegitimate traffic to prevent true user traffic from passing. Even small attacks can cause hours of downtime, resulting in immense costs for businesses, including lost money, time, customers and reputation.

Even small businesses are hit hard, with average costs of $120,000 to recover.
SVP of Packet and Product Software Engineering at Zayo, Anna Claiborne, said: “When your business will get hit by a DDoS attack is a game of probability.

“With a huge rise in attacks in 2023 and more attacks over 100Gbps, the odds are not in your favor. While there are myriad of statistics on the cost of remediating a DDoS attack, the long-tail loss of customer confidence after an attack is difficult to quantify and even more difficult to fix. Running any business on the Internet without DDoS protection is a risk, and you have to ask yourself if it’s one worth taking.”