Skip to main content
back
blog
Posted 8 November 2024
Qrator Labs: Q3 2024 DDoS, Bots and BGP Incidents Statistics and Overview
share
Qrator Q4

TechIsland member QratorLabs has published their Q3 2024 report on DDoS, bot activity, and BGP incidents. Below is an executive summary of the main insights. For an in-depth look at the data and analysis, you can visit their website to access the full report.

Executive summary

  • In the third quarter of 2024, we did not detect any fundamentally new trends in DDoS attacks. Attackers continue to use well-known methods that are effectively mitigated by our security solutions.
  • The number of DDoS attacks increased significantly compared to the second quarter, with attacks targeting the network and transport layers (L3-L4) rising by 80% and application layer (L7) attacks increasing by 70%. This increase can be attributed to seasonal factors: following a summer slowdown, the main peak of activity typically occurs in the autumn and winter. Attackers start their preparations by probing the landscape before launching more serious attacks.
  • The share of L3-L4 DDoS attacks on the microsegment Betting shops in Q3 slightly decreased compared to Q2 but remained considerably high, accounting for more than 9% of all attacks during the period. We attribute this to the UEFA European Championship, whose final stage took place in early July, as well as the Summer Olympics, which were held in July and August.
  • As in the previous quarter, the segment Betting shops also set quarterly records for the intensity of L3-L4 DDoS attacks (446.57 Gbps, 152.05 Mpps). This segment was also the target of the second-longest attack, which lasted around 2 hours.
  • Almost half of all L7 DDoS attacks in the third quarter of 2024 targeted the FinTech segment. Specifically, nearly one-third of all attacks during the period were directed at the microsegment Banks.
  • Bot activity in the third quarter remained at roughly the same level as in the previous two quarters. However, unlike in Q2, this reporting period saw more intense attacks: a 10% increase in the total number of blocked requests per attack and a 400% increase in peak rps.
  • The total number of BGP incidents remained almost unchanged compared to the previous quarter. However, the number of global BGP incidents nearly doubled. We also recorded a case where a global route leak between IXs was successfully prevented, thanks to the RFC 9234 standard developed by Qrator Labs experts.

Access the full report here: https://qrator.net/blog/details/q3-2024-ddos-bots-and-bgp-incidents-statistics-and