top of page
Search

Nexusguard Research Shows Total Number of DDoS Attacks Increased during First Half of 2022

Writer: Inno-Thought TeamInno-Thought Team
Oct 12, 2022

  • Nexusguard DDoS Statistical Report Reveals Key Attack Observations and Analysis from the First Half of 2022

  • Total Number of DDoS Attacks Increased during First Half of 2022 While Maximum Attack Size Decreased Compared to Second Half of 2021


In the first half of 2022, the amount of DDoS (distributed denial of service) attacks increased by 75.6% compared to the second half of 2021, according to new Nexusguard research revealed in the company's DDoS Statistical Report for 1HY 2022. While the total number of attacks did grow, the average (0.59 Gbps) and maximum (232.0 Gbps) attack sizes each decreased by 56% and 66.8%, respectively, during the same period. Notably, application attacks increased a whopping 330% over the second half of 2021 and amplification attacks increased by 106.7%.


Single-vector attacks represented 85% of all attacks globally in H1 2022. UDP (User Datagram Protocol) attacks, which quickly overwhelm the target defenses, and HTTPS Flood, which exhaust servers with valid HTTPS requests, were the two most predominant vectors. Nearly four out of 10 (39.6%) attacks were UDP, an increase of 77.5% from H2 2021, and the two groups combined accounted for more than half (55.5%) of DDoS attacks globally. UDP attacks frequently serve as a smokescreen to mask other malicious activities such as efforts to compromise personal identifiable information (PII) or the execution of malware or remote codes.


New to Nexusguard DDoS reports are statistics describing top reflected attack destinations. Reflection attacks spoof the IP address of the target, tricking it to believe it has received an authentic request, typically via UDP, to which the target responds. Nearly three-quarters (74.6%) of all reflected attacks targeted organizations in Brazil and South Korea. Within Europe, the United Kingdom received almost a quarter (24.6%) of all reflected attacks in that region while in the Middle East and Africa the Seychelles and Saudi Arabia combined, received more than half (55.5%).


Stealthy Bit-and-Piece attacks continue to plague ASN-level Communications Service Providers (CSPs) globally, especially internet service providers (ISPs). Stealthy Bit-and-Piece attacks continue to plague ASN-level Communications Service Providers (CSPs) globally, especially Internet service providers (ISPs). While 81% of attacks globally were less than a single Gbps, Bit-and-Piece attacks by /24 networks registered minimum sizes of 0.0637 Gbps and a maximum of 123.72 Gbps. By drip-feeding doses of junk traffic into a large IP pool, the traffic remains small enough to evade traditional threshold-based detection, but accumulates to be enough to clog and disable the target.


"Attackers came out of winter hibernation with never-before-seen levels of intent, showing an incredible increase of attacks in Q2 2022 alone and by June, reaching the highest first-half levels since 2018," said Juniman Kasman, chief technology officer of Nexusguard. "We've expanded our DDoS reports to include data on reflected attack destinations and have separated Europe from the Middle East and Africa regions to provide organizations with even more information on DDoS attacks. The wide variability in attack types shown by our latest report demonstrates that companies must remain vigilant in protecting themselves against the risk of DDoS attacks."

  • Types of Attack Vectors: In the first half of 2022, UDP Attack and HTTPS Flood were the predominant two attack types, contributing 39.58% and 15.94% respectively, while TCP ACK Attacks ranked third at 6.48%.

  • Attacks by Category: Volumetric (Direct Flood) attacks, contributing 67.93% of the total attacks recorded in the first half of 2022, increased by 48.22% HoH and decreased by 15.06% YoY.

  • Attacks by Protocol: UDP and TCP based attacks were the predominant two attack types in the first half of 2022, contributing 61.27% and 30.57% respectively.

  • Attack Durations: 69.27% of attacks were shorter than 90 minutes, while the rest lasted longer than 90 minutes. 17.15% of attacks exceeded 1200 minutes.


 
 

Comments

connexion_panel_edited.jpg
CXO_8-in-1.png
subscribe_button.png

 

Disclaimer:

The information contained in this site is for reference only. While we have made every attempt to ensure that the information contained in this site has been obtained from reliable sources, we are not responsible for any errors or omissions, or for the results obtained from the use of this information. All information in this site is provided "as is", with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability and fitness for a particular purpose. In no event will Ho Hon Asia Limited, its related partnerships or corporations, or the partners, agents or employees thereof be liable to you or anyone else for any decision made or action taken in reliance on the information in this site or for any consequential, special or similar damages, even if advised of the possibility of such damages.
Certain links in this site connect to other websites maintained by third parties over whom we have no control. We make no representations as to the accuracy or any other aspect of information contained in other websites.

2025 @ Inno-Thought and its affiliates. All rights reserved.

bottom of page