Government organisations remain among the top five targeted sectors with the longest Distributed Denial of Service (DDoS) attacks.
According to new Zayo data, the average DDoS attack across all industries lasted 68 minutes in 2023. But the average length of attacks surged by more than 400 percent from Q1 to Q4 of last year — from an average of 24 minutes to 121 minutes — signalling a worrying trend from both security and cost perspectives.
In the first half of 2023, government entities experienced the longest DDoS attacks with an average attack time of four hours and 20 minutes. In the second half, government entities continued to experience the longest attacks of all industries observed in the new Distributed Denial of Service (DDoS) Insights Report.
The attack duration in the second half grew to nearly 18 hours per attack on average, representing a 322 percent increase from the first half and a 1,141 percent increase from the beginning to the end of 2023 (see graphic below).
Reasons cited in the report for the increase in DDoS attacks include political motivations and grievances, complex infrastructure, and higher stakes.
AI “a double-edged sword”
With unprotected organisations shelling out an average of £4,700 per minute of each attack, that totals a startling £325,000 average cost to businesses for DDoS attacks.
If you liked this content…
Government DDoS attacks eclipse those in other industries
Government’s AI transformation demands radical procurement overhaul
Google Cloud seeks to improve access to public sector innovation with open AI
Local government turning to AI to provide a better citizen experience
Implementing AI in the public sector: Four tips to enhance adoption
“What we’re seeing is that cybercrime is only getting savvier,” said Anna Claiborne, Senior VP of Network Connectivity at Zayo. “AI is presenting itself as a double-edged sword in this space. On one side of the blade, criminals are using AI to increase the sophistication of attacks and circumvent traditional defence mechanisms; on the other, mitigation platforms are using AI to dynamically identify and defend against new and emerging threats. As DDoS remains a profitable model for cybercriminals, attacks will continue to be a brutal inevitability for businesses. But luckily, DDoS protection is also rising to the occasion.”
Dark web crime
Zayo noted that DDoS attacks are here to stay – and cybercriminals are not discriminating over an organisation’s size, industry or business model.
“Most people on the internet aren’t plotting a DDoS attack, but the internet is a big place and Dark Web crime is the fastest growing business on earth,” said Eric O’Neill, national security strategist at Carbon Black.
“We’re in an attacker’s market and they are leveraging sophisticated technologies and cutting-edge techniques to innovate the way they deceive, disrupt and destroy our most critical data. To stop the attackers from gaining the upper hand, we need DDoS protection that is as easy and effective as turning on a switch.”
Think Digital Partners is pleased to announce a new event for 2024. Think Digital Identity and Cybersecurity for Government takes place in London on May 8. Find out more and get your ticket here.
