DDoS: Has the fightback got teeth?

It might be no surprise to hear that DDoS traffic has continued to rise since 2021 – up 19% according to our latest DDoS Threat Landscape Report, issued earlier in May.  This is in line with Internet traffic growth, but the nature of the attacks has, and continues to change.  The volume of attacks is down, but the size of individual attacks just gets more and more spectacular.

If you’ve personally experienced a DDoS attack at your company (and most will have), you may just want to roll your eyes and could easily think “c’est la vie”, but it is not all doom and gloom.

There is now a more decisive response by network and IT infrastructure owners to cyber threats, and they are gradually starting to fight back with better cooperation and by closing the inherent weak spots in the network that cybercriminals have exploited for so long. This is, in part, thanks to an industry wide anti-spoofing initiative, the DDoS Traceback Working Group.  We have seen the number of DDoS attacks on Arelion’s global backbone decrease by over 30% in 2022 – with 50% fewer attacks directed towards customers.

Fortunately, the vast majority of attacks are still small and mostly driven by free tier stress test or DDoS-as-a-Service attacks instigated by amateur cybercriminals. As our report outlines, we saw the biggest increase in the 5-20 & 20-50 Gbps attack ranges – mainly through DNS and NTP attacks, but also memcache.

It will always be anarms race between those wanting to launch attacks and those needing to protect against them, but better co-operation in the industry has certainly given network operators bigger teeth and shifted the needle on some aspects of the problem.  There will always be a need for organizations to protect themselves, but having these options at the backbone level is clearly part of the solution.

Download the DDoS Threat Landscape Report, for more detailed information on the attacks described above as well insights on how the target of attacks has evolved over the last year.


David Young, Product Manager IP & DDoS