DDoS attacks are increasing rapidly, and hence it’s important to know some of the latest DDoS attack statistics.
Although there are many types of cyberattacks, some of them can be way more frustrating than others.
DDoS, short for Distributed Denial-of-Service, is one such attack on the web. In fact, these attacks can demolish large company websites.
Moreover, DDoS attacks are also quite hard to prevent.
Over the years, DDOS attacks have become increasingly frequent, and there is no sign of slowing down.
In fact, recent DDoS statistics reveal that such attacks are expected to grow by over 300% in 2023.
That’s a huge concern for both businesses and individuals.
However, knowing such statistics can help you to cope with the issue more effectively and protect yourself from these attacks.
Key Statistics
- DDoS attacks will increase by 300% in 2023.
- The average size of the DDoS attack will be 100 Gbps in 2023.
- A small to medium-sized business spends an average of $120,000 to restore service during a DDoS attack.
- The average number of DDoS attacks per day in 2023 is 29.3 attacks.
- A DDoS attack costs a company between $20,000 to $40,000 hourly.
- Israel is currently the most targeted country around the world.
- 20% of all internet traffic to Slovenian and Georgian sites were HTTP DDoS attacks.
- Non-profit organizations are a prime target for HTTP DDoS attacks.
- Over 20% of cyber attackers use multi-vector DDoS attacks.
General DDoS Attack Statistics in 2025
1. DDoS Attacks Are Expected to Increase by 300% in 2023.
A recent study reveals that the number of DDoS attacks for the three months of 2023 increased by 300% compared to the same period in 2022.
In fact, it has targeted many organizations, including Australian universities.
Also, the experts believe these attacks are expected to increase by over 300% in 2023.
These stats show a substantial growth in the attacks, which indicates that DDoS attacks have been and are expected to become even more severe and widespread during 2023.
(Source: Aarnet)
2. The Average Size of The DDoS Attack Will Be 100 Gbps in 2023.
As per reports, the projected average DDoS attack size is expected to reach 100 Gbps in 2023.
That’s a huge rise compared to the average DDoS attack size of 5.17 Gbps in the second quarter of 2022.
In fact, you’ll be surprised to know that the average size of the DDoS attack in the first quarter of 2021 was 9.15 Gbps.
It shows that the average size of DDoS attacks will decline from 2021 to 2022.
However, experts believe there will be a significant increase in DDoS attack sizes for the current year.
Moreover, these attacks have become a concern for organizations of all sizes.
(Source: Cloud Flare)
3. The Average Number of DDoS Attacks per Day in 2023 Is 29.3.
Undoubtedly, DDoS attacks have become a major concern with a significant increase in frequency.
In the last quarter of 2022, organizations worldwide had to handle an average of 29.3 attacks daily.
That’s 3.5 times higher compared to the end of 2021, when there were only 8.4 attacks daily.
The situation is even more alarming in EMEA (Europe, the Middle East, and Africa) as the number of attacks grew faster than the global average.
In that region, organizations faced an average of 45 attacks per day during the last quarter of 2022, four times more than the 11.3 attacks per day in 2021.
(Source: Security Brief)
DDoS Attacks Costs and Spending
4. A Small to Medium-Sized Business Spends an Average of $120,000 for Restoring Service During a DDoS Attack.
During a DDoS attack, small and medium-sized businesses spend approximately $120,000 to restore their services and manage operations.
That’s too expensive, especially for an SMB.
Moreover, the cost can be even higher if the DDoS attack leads to lost revenue or missed business opportunities.
In some cases, the attack might be a distraction to cover up a data breach, resulting in greater losses for small to medium-sized businesses.
That’s why an SMB must invest in DDoS protection and other cybersecurity measures.
These will help safeguard their operations and prevent potential financial damages.
(Source: Tech Insurance)
5. A DDoS Attack Costs a Small Business Around $8,000 to $74,000 for Every Downtime.
Although the cost of restoring services and managing offline operations after a DDoS attack is quite high, it’s not the only financial impact of such an attack.
In fact, a business, especially smaller ones, might need to spend more on sales, customer service, and marketing.
Also, the consequences of DDoS attacks can lead to a huge loss in revenue for online retailers.
On average, small businesses can lose between $8,000 to $74,000 for every hour of downtime they experience.
That’s not all; a DDoS attack can harm the trust of clients, putting the future opportunities of a business at risk.
When customers see a business struggling to maintain its online presence due to an attack, they usually lose confidence in its ability to provide reliable services.
(Source: Tech Insurance)
6. A DDoS Attack Costs a Company Between $20,000 and $40,000 Hourly.
Latest surveys on statistics for DDoS attacks reveal that the average cost of a DDoS attack ranges from $20,000 to $40,000 per hour.
That’s an incredibly high amount that can create immense pressure, even for the biggest and wealthy-est organizations.
In fact, the financial impact of such attacks can be quite expensive.
That’s because businesses must bear the costs of handling the attack, like conducting various investigations and restoring services.
Also, there can be indirect costs like lost productivity, revenue loss, and damage to the organization’s reputation.
(Source: Cox BLUE)
DDoS Attack Demography
7. As Of the First Quarter of 2023, Finland Is the Largest Source of DDoS Attacks.
According to various reports, Finland had the highest percentage of HTTP DDoS attacks compared to all other countries in the world in the first three months of 2023.
The British Virgin Islands ranked second, followed by Libya and Barbados.
However, when considering the total number of attacks, most HTTP DDoS attack traffic originated from IP addresses in the United States.
China came next in line, followed by Germany, Indonesia, Brazil, and Finland.
On another note, Vietnam was responsible for the most L3/4 DDoS attack traffic.
In fact, almost one-third of all the L3/4 traffic handled in Vietnam’s data centers was identified as attack traffic.
(Source: Cloud Flare)
8. Israel Is Currently the Most Targeted Country Around the World.
During the first quarter of 2023, there was a significant development in the realm of cyber threats as Israel became the country most targeted by HTTP DDoS attack traffic.
The shift might be linked to factors such as ongoing judicial reform, opposing protests, or the persisting tensions in the West Bank.
To our surprise, Israel even surpassed the United States regarding the percentage of attack traffic directed at its websites.
Regarding countries attacked by HTTP DDoS attacks, Israel is closely followed by the United States, Canada, and Turkey.
(Source: Cloud Flare)
9. 20% of All Internet Traffic to Slovenian and Georgian Sites Were HTTP DDoS Attacks.
Considering the proportion of attack traffic compared to overall traffic directed at a particular country, researchers found that Slovenia and Georgia topped the charts.
In fact, 20% of all traffic flowing into sites in Slovenia and Georgia consisted of DDoS attacks.
Slovenia and Georgia are closely followed by Saint Kitts and Nevis, a small country in the Caribbean, and Turkey.
Moreover, Israel, which used to be on the top, has now slipped to the ninth spot in terms of being targeted by HTTP DDoS attacks, which is a good thing.
(Source: Cloud Flare)
10. China Is the Most Targeted Country by Network-Layer DDoS Attacks.
When examining the overall volume of network-layer DDoS attack traffic, China emerged as the leader, accounting for nearly 18% of the total.
Singapore was in a close second position, contributing approximately 17% of the network-layer DDoS attack traffic.
The United States followed in third place, with Finland rounding the top four.
It highlights the involvement of China and Singapore in generating network-layer DDoS attacks, emphasizing the global distribution of such malicious activities.
So, such countries need to invest in robust and reliable cybersecurity.
(Source: Cloud Flare)
DDoS Attack Stats by Industry
11. Non-Profit Organizations Are a Prime Target For HTTP DDoS Attacks.
As of the first quarter of 2023, non-profit organizations are the most targeted industry regarding the percentage of DDoS attack traffic out of the total traffic received.
Moreover, other industries such as chemicals, government, and energy utilities and waste are prime targets for HTTP DDoS attacks.
You might be surprised to know that despite the growing concerns over cyberattacks on the healthcare sector, it didn’t make it into the top ten targeted industries during the first three months of this year.
(Source: Cloud Flare)
12. The Gaming & Gambling Industry Is the Prime Target for DDoS Attacks in Europe, Asia, and the Middle East.
While non-profit organizations are a prime target for DDoS attacks globally, the same isn’t the case on a regional scale.
In fact, the industries with the most targets vary according to different regions.
For instance, the Gaming & Gambling industry faced the highest attack levels in Asia, the Middle East, and Europe.
However, the Banking, Financial Services, and Insurance (BFSI) sector bore the brunt of DDoS attacks in South and Central America.
In Africa, however, the target sector is Telecommunications, while in Oceania, it’s the Health, Wellness, and Fitness industry.
(Source: Cloud Flare)
Other DDoS Attack Statistics
13. Over 20% of Cyber Attackers Use Multi-Vector DDoS Attacks.
Although the methods used by cybercriminals to create DDoS attacks keep changing, over 20% use multi-vector DDoS attacks.
In this method, an attacker combines different DDoS methods into one quick attack and keeps repeating it frequently.
In fact, an attacker in 2020 used 14 different vectors in one DDoS attack.
We’ve seen a growing trend of attacks using multi-vector methods.
In the first quarter of 2019, more than half of all attacks (52%) used two or more vectors, with 47% employing three vectors.
In contrast, only 11% of attacks in 2018 and 8.9% in 2017 used this approach.
The trend has continued to rise, reaching 78% of DDoS attacks in the third quarter of 2021, up from 62% in the second quarter of 2021.
(Source: Corero)
14. DDoS Attack Records Were Broken Many Times in The Last Four/five Years.
In 2018, there was a lot of tension in the new world of security when the biggest DDoS attack record was shattered not once but twice within a week.
The second-largest attack happened in March 2018, targeting GitHub with a massive 1.3 Terabytes per second (TB/s) to their servers.
Fortunately, GitHub effectively defended against the attack.
In the first quarter of 2020, Amazon also reported suffering the largest DDoS attack on record.
Luckily, the company managed to mitigate more than 2 Tbsp of data, a feat that would be impossible for any smaller business.
(Source: The Register)
15. An Average DDoS Attack Can Last Several Hours to A Few Months.
DDoS attacks can cause significant harm to companies and consumers, resulting in wasted time and financial losses when essential resources and services become inaccessible.
The attacks vary in duration, ranging from a few hours to several months.
For instance, in 2022, the longest DoS attacks recorded globally fell within the 100 to 250 Gbps range.
On average, the DDoS attacks lasted for 66 hours, equivalent to approximately 2.75 days.
(Source: Security Today)
16. Around 20% of Businesses with Over 50 Employees Admitted Facing at Least One DDoS attack.
A report on DDoS attack stats reveals that 20% of businesses employing more than 50 employees have witnessed at least one DDoS attack.
Still, the occurrence of such attacks differs depending on the industry.
For instance, Telecommunications companies face a higher likelihood, with 24% reporting such attacks, while financial services organizations encounter them at a rate of 22%.
These numbers highlight the vulnerability of businesses in these sectors to this type of cyber threat.
Therefore, organizations must be aware of the risks associated with DDoS attacks and take necessary precautions to safeguard their systems and services.
(Source: Kaspersky Content Hub)
17. Ransom DDoS Attacks Increased by 67% in 2022.
Recent reports on DDoS attack stats show that Ransom DDoS attacks saw a significant increase of 67% in 2022 compared to the previous year, 2021.
These attacks often start on Fridays, which are close to the end of the business week, when many organizations have fewer staff members available.
It indicates that ransom DDoS attacks, a type where attackers demand a ransom to stop flooding a network with traffic, have become more prevalent.
In 2022, the frequency of such attacks spiked by two-thirds, posing a serious threat to businesses and institutions.
(Source: Cloud Flare)
18. As Of the First Quarter of 2023, Around 57,116 DDoS Attacks Were Reported.
In the third quarter of 2022, the number of DDoS attacks declined.
In fact, after a 13.72% decline in the previous period, this quarter witnessed an additional decrease of 27.29%, reaching a total of 57,116 attacks.
Moreover, according to various DDoS statistics, August was the busiest month, with an average of 824 daily attacks.
On the other hand, 45.84% of DDoS attacks occurred in the first week of July, making it a relatively calmer month.
Moreover, there were only 641 attacks per day in July, slightly higher than in September, which averaged 628.5 attacks a day.
(Source: Secure List)
FAQs
What Is the Most Recent DDoS Attack in 2023?
Akamai successfully defended the biggest DDoS attack against an APAC-based Prolexic customer on 23rd February 2023, at 10:22 UTC.
The DDoS attack peaked at 900.1 Gbps of traffic and 158.2 million packets per second.
It comes as a significant milestone in the fight against cybercrime and highlights the importance of prevention strategies.
What Is the Oldest DDoS Attack?
One of the oldest DDoS attacks occurred on 7th February 2000.
In this DDoS attack, a 15-year-old Canadian hacker known as “mafia boy” started a series of attacks against prominent e-commerce platforms like eBay and Amazon.
What is DDoS’s Real Name?
DDoS stands for Distributed Denial-of-Service, is a cyber attack that belongs to the category of Denial-of-Service (DoS) attacks.
It uses a network of interconnected online devices, a botnet, to flood the targeted website with fake traffic.
As a result, the impact of DDoS attacks amplifies, making them a potent threat to cybersecurity.
Conclusion
DDoS attacks are quite common these days, and their effect can be devastating.
So, it’s your responsibility to keep them at bay.
However, it won’t be possible if you don’t know about these attacks.
In this article, we’ve pointed out some of the most crucial DDoS attack statistics you need to know in 2025.