Government DDoS attacks eclipse those in other industries

Governments experienced the longest DDoS attacks of any industry in the first half of 2023, with an average attack lasting for more than four hours. 

DDoS attacks are where a target’s internet circuit is flooded with fake or illegitimate traffic to prevent true user traffic from passing. Even small attacks can cause hours of downtime, resulting in immense costs for businesses, including lost money, time, customers and reputation.

Data from communications infrastructure provider Zayo Group’s annual Distributed Denial of Service (DDoS) Insights Report shows increasing digitisation, political unrest and the emergence of widespread adoption of work-from-home have all contributed to an increase in DDoS attacks, which jumped 200 percent in H1 2023 compared to the full year 2022.

“Government entities experienced DDoS attacks of a duration that totally eclipses those witnessed by all other industries,” said Michael Katz, VP of product & technology, Europe at Zayo. “This is likely driven by the rise in politically motivated cyberattacks, such as those launched by Killnet. These types of cyber attackers often have a specific agenda and are willing to invest significant time and resources to achieve their objectives, generate high-profile publicity and disrupt critical services, such as emergency response and elections.”

Katz said that government networks and systems are also complex and distributed, making them more challenging to defend against attacks.

“The larger the infrastructure, the more time it takes to detect and mitigate DDoS attacks, making them last longer. Attackers also know that even a brief disruption of government services can have significant consequences, which motivates them to launch long-lasting and persistent attacks.”

The exec said to shorten the duration of an attack or make it nearly imperceptible, governments should utilise an automated redirect of attack traffic from their network ingress to ‘scrubbers’ to ensure only legitimate traffic passes.

“No matter how long the attack, protected networks will be fully defended. The attack can last for hours, but with automated DDoS protection, the attack has zero negative impact on the network infrastructure. Sadly, government entities will face attacks given the level of confidential information they hold so it’s vitally important for the security of citizens to ensure government networks are as secure as possible.”

Spike in number of attacks

There was a 314 percent increase in overall attacks from the first half of 2022 to the first half of 2023. But in some industries, the growth was more than 1,300 percent.

Telecoms companies were a prime target for attackers due to the critical role telecom providers play in providing communication and Internet services. The industry saw the most frequent attacks, accounting for roughly half of the total attack volume, with more than 37,000 attacks in the first half of 2023. 

Education, which had the highest frequency of attacks in the first half of 2022, was just behind telecoms. Cloud and Software as a Service (SaaS) companies also saw a significant increase in the frequency of attacks from the first half of 2022 to the first half of 2023. 

Retail, telecoms and media companies experienced the largest attacks, with an average attack size of 3 Gbps across all three verticals, which is a large enough attack to take down one to two offices depending on the company size. The largest aggregate attack, against the telecom sector, was 978Gbps.