Distributed Denial of Service (DDoS) attacks have grown exponentially more powerful over the past decade, according to a new report by Cloudflare. The analysis highlights dramatic increases in the size and intensity of these cyberattacks, underscoring how they have become a major threat to internet infrastructure and online services.
Attacks scaling into terabits
The report details a steep escalation in the size of DDoS attacks, with all major metrics — requests per second (rps), packets per second (pps), and bits per second (bps) — showing exponential growth over the last decade.
In terms of requests per second (rps), which measures the number of application-layer requests sent per second, attack sizes have grown by an astonishing 70 times since 2014. The current peak, recorded in September 2024, reached 201 million rps, a volume that can cripple even high-capacity servers and web applications in seconds.
Packets per second (pps), a key indicator for network-layer attacks, also saw a massive increase. These attacks aim to overload network hardware by sending a barrage of packets too quickly for infrastructure to process. From 230 million pps in 2015, attack rates have climbed tenfold, reaching a staggering 2.1 billion pps in 2024. This growth highlights the increasing ability of attackers to exploit bandwidth and packet-handling limits.
Perhaps the most concerning metric is bits per second (bps), a measure of total data transfer per second. Often used to evaluate bandwidth-saturating attacks, the scale of these assaults has skyrocketed, jumping 20-fold from a peak of 309 Gbps in 2013 to an unprecedented 5.6 terabits per second (Tbps) in 2024. To put this into perspective, a 5.6 Tbps attack could consume the equivalent of several hundred high-capacity internet connections at once, overwhelming even the most prepared network infrastructures.
This shift from gigabit-scale attacks of the early 2010s to terabit-scale attacks today underscores the growing capabilities of attackers and the challenges defenders face in keeping up.
Google, Cloudflare
A shift in botnet strategy
Cloudflare notes a significant evolution in attacker tactics, with botnets moving from IoT devices to cloud-hosted virtual machines (VMs). Unlike IoT-based botnets, VM-powered attacks leverage fewer, more powerful devices, enabling attackers to launch massive attacks with minimal infrastructure. This change is driven by the ease of anonymously deploying VMs using stolen credentials, a method that simplifies attack execution while increasing effectiveness.
Recent techniques, such as the HTTP/2 Rapid Reset attack, have also raised the bar for DDoS intensity. This method shattered prior records, demonstrating how attackers are continually refining their strategies.
Cloudflare’s findings demonstrate the scale and sophistication of modern DDoS threats. With exponential growth in attack sizes and evolving methods, businesses and critical infrastructure must prepare for an increasingly volatile threat landscape.
Strava Tightens API Policies to Bolster User Privacy and Security
Leave a Reply