Lumen research reveals latest DDoS stats, trends, predictions and costs

Rhea-AI Summary

Lumen Technologies (NYSE: LUMN) released its Q4 2022 DDoS report, highlighting a rise in attacks and trends for 2023. Nearly 90% of Q4 attacks were 'hit and run' style, with a 73% increase in DNS amplification attacks. Lumen mitigated 22% more DDoS attacks in 2022 compared to 2021, including the largest attack of 1.06Tbps. Predictions for 2023 suggest attackers will target small- to mid-size businesses, utilize new resources, and coordinate attacks around significant dates. The cost of a DDoS attack could reach nearly $21 million for a company with $2 billion in revenue.

Positive

• Lumen mitigated 22% more DDoS attacks in 2022 compared to 2021.
• The largest DDoS attack mitigated was 1.06Tbps in Q2 2022.

Negative

• Nearly 90% of Q4 attacks were brief probing attempts, indicating a potential increase in future attacks.
• A predicted shift towards targeting smaller organizations may increase vulnerability.

Nearly 90% of Q4 DDoS attacks were potentially 'hit and run" style, probing attacks

DENVER, Feb. 13, 2023 /PRNewswire/ -- Lumen Technologies® (NYSE: LUMN) today released its latest report detailing Distributed Denial of Service (DDoS) activity from Q4- and full-year 2022. The report includes 2023 predictions, a DDoS cost breakdown, and Q4 and full-year data from the Lumen DDoS mitigation service.

Join Lumen DDoS experts in a live, online Q&A on Tuesday, Feb. 14 at 9:30 a.m. MT

Additional analysis provided by the Lumen Black Lotus Labs® threat intelligence team, their intelligence feeds Lumen's Rapid Threat Defense – a proprietary countermeasure that automatically blocks attacks before they reach the customer's network.

Read the Lumen Q4 2022 DDoS Report, and register for a live Q&A with Lumen security researchers who will discuss the findings on Tuesday, Feb. 14, 2022, at 9:30 a.m. MT.

"Companies' digital interactions with partners and customers are accelerating, and that's led to both an increase in attacks, and subsequent investments in DDoS- and application layer-protections," said Andrew Dugan, chief technology officer for Lumen. "In addition to mitigating the largest DDoS attack to-date in 2022, we observed hit-and-run style attacks along with complex campaigns targeting governments, civilian infrastructure and high-profile industries. We expect these trends to continue in 2023, underscoring the need for comprehensive web application and API security solutions."

2023 DDoS predictions

Researchers reviewed data from the Lumen DDoS mitigation service to develop the following predictions for 2023:

1. Attackers will find new resources to leverage. Cybercriminals and defenders are constantly maneuvering to stay one step ahead. In 2022, attackers began leveraging cloud-based, virtual services in ways never seen before. We anticipate they will look for similar new attack methods in 2023.
2. Expansion of the victim pool. Large organizations continue to fortify their defenses, so we believe attackers might begin targeting small- and mid-size businesses. These organizations typically have fewer cyber defenses, but they still have critical data and applications that could attract criminals.
3. Timing is intentional. While DDoS attacks have become ubiquitous with certain days like Cyber Monday, data from the Lumen DDoS mitigation service reveal the most popular week for DDoS attacks in 2021 and 2022 were the days surrounding the July 4 holiday in the United States. Lumen predicts attackers will coordinate attacks to coincide with holidays and culturally significant events throughout 2023.

The cost of a DDoS attack

The Q4 DDoS report also includes a breakdown of the potential cost of a DDoS attack. The estimate is based on data entered into Lumen's online DDoS Impact Calculator. Several factors influence the cost, so researchers developed a generic use-case based on the following assumptions:

• The simulated victim is a Software and Technology company with $2 billion in annual revenue.
• Online motions account for $500 million of total revenue.
• The company has a small IT team with two employees dedicated to fixing security issues.
• On average, security-related incidents generate 25 customer support calls per hour.

Results: This organization is expected to be targeted with 13 DDoS attacks per year resulting in 19 hours of downtime per attack at a cost of nearly $21 million.

Notable DDoS statistics from the Q4 DDoS report

Q4 2022

• Nearly 90% of all DDoS attacks in Q4 were potentially "hit and run" style. These attacks last 30 minutes or less, and threat actors frequently use them to probe a target's defenses before launching a larger, sustained attack.
• Domain Name System (DNS) is an essential service, and the number of DNS amplification attacks increased 73% quarter over quarter.

Full-year

• Lumen mitigated 22% more DDoS attacks in 2022 than in 2021.
• The largest attack Lumen mitigated in 2022 was 1.06Tbps. It occurred in Q2 2022 and was also the largest DDoS attack Lumen has mitigated to-date.

Additional resources 

• Read the full Q4 2022 DDoS Report.
• Join Lumen DDoS experts in a live, online Q&A on Tuesday, Feb. 14 at 9:30 a.m. MT.
• Refer to the Q4 2022 DDoS report for more details about this use case.
• See Lumen's analysis of the security trends observed in 2022 that could shape defenders' responses in 2023.
• Visit the Lumen Quarterly DDoS report archive.
• Learn about Lumen's comprehensive DDoS mitigation and Next-gen WAF/WAAP services.
• See how Lumen Rapid Threat Defense uses global threat intelligence from Black Lotus Labs® as a countermeasure to block DDoS bots on the network as traffic hits a scrubbing center.

About Lumen Technologies

Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With approximately 400,000 route fiber miles and serving customers in more than 60 countries, we deliver the fastest, most secure platform for applications and data to help businesses, government and communities deliver amazing experiences. Learn more about the Lumen network, edge cloud, security, communication and collaboration solutions and our purpose to further human progress through technology at news.lumen.com/home, LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook: /lumentechnologies, Instagram: @lumentechnologies and YouTube: /lumentechnologies. Lumen and Lumen Technologies are registered trademarks in the United States. 

Services not available everywhere. Business customers only. Lumen may change, cancel or substitute products and services, or vary them by service area at its sole discretion without notice. ©2021 Lumen Technologies. All Rights Reserved.

View original content to download multimedia:https://www.prnewswire.com/news-releases/lumen-research-reveals-latest-ddos-stats-trends-predictions-and-costs-301744499.html

SOURCE Lumen Technologies

FAQ

What were the key findings from Lumen's Q4 2022 DDoS report?

Lumen's Q4 2022 DDoS report revealed a significant rise in attacks, with nearly 90% being short 'hit and run' style attacks and a 73% increase in DNS amplification attacks.

How much did Lumen mitigate DDoS attacks in 2022?

Lumen mitigated 22% more DDoS attacks in 2022 compared to 2021.

What are the DDoS attack predictions for 2023?

Predictions for 2023 include attackers targeting small to mid-size businesses, utilizing new resources, and timing attacks around significant cultural events.

What is the estimated cost of a DDoS attack according to Lumen?

The estimated cost of a DDoS attack on a company with $2 billion in revenue could reach nearly $21 million.