Cloudflare reports a 50% increase in DDoS attacks in the first quarter of 2024

Cloudflare, Inc., the security, performance and reliability company, has released its first quarter 2024 DDoS threat report, revealing a 50% increase in distributed denial-of-service (DDoS) attacks.

In the first quarter of 2024, Cloudflare’s defenses prevented 4.5 million DDoS attacks – a 50% increase compared to the previous year. Notably, DNS-based DDoS attacks increased 80% year-over-year, solidifying their position as the dominant attack vector.

Sweden recorded a 466% increase in DDoS attacks after joining NATO, mirroring the trend observed when Finland joined NATO in 2023.

The company announced that DNS-based DDoS attacks have become the most important attack vector and their share in all network-level attacks continues to increase. In the first quarter of 2024, the proportion of DNS-based DDoS attacks increased by 80% year-on-year to around 54%.

Notably, despite the increase in DNS attacks and due to the overall increase in all types of DDoS attacks, the proportion of each attack type remains the same as in our previous report for the final quarter of 2023. HTTP DDoS attacks remain at 37% of all DDoS attacks , DNS DDoS attacks at 33%, and the remaining 30% is left for all other types of L3/4 attacks such as SYN flood and UDP floods.

In terms of industries targeted, the company revealed that the industry most commonly targeted by HTTP DDoS attacks in North America is marketing and advertising.

In Africa and Europe, the information technology and Internet industries have been hit the most. In the Middle East, the computer software industry was the most targeted industry. In Asia, the gaming industry was the most targeted industry. In South America it was the banking, financial services and insurance (BFSI) industry. Last but not least, Oceania had the telecommunications industry.

Globally, the gaming and gambling industry was the most frequently affected by HTTP DDoS attacks. Just over seven out of 100 DDoS requests that Cloudflare mitigated were aimed at the gaming and gambling industry. In second place is the information technology and Internet industry, in third place is marketing and advertising.

In the first quarter of 2024, the United States was the largest source of HTTP DDoS attack traffic, with one-fifth of all DDoS attack requests originating from U.S. IP addresses. China took second place, followed by Germany, Indonesia, Brazil, Russia, Iran, Singapore, India and Argentina.

When analyzing DDoS attacks against our customers, Cloudflare uses their billing country to determine the “country (or region) attacked.” In the first quarter of 2024, the US was the most targeted by HTTP DDoS attacks. Approximately one in ten DDoS requests that Cloudflare mitigated were directed against the United States. China comes in second, followed by Canada, Vietnam, Indonesia, Singapore, Hong Kong, Taiwan, Cyprus and Germany.