98% of DDoS Attacks in 2019 Were Less than 10Gbps


The Internet-connected world grows more complex every year, due to faster connections, the widespread adoption of Internet of Things (IoT) devices, and the explosion of cloud services. At the same time, distributed denial of service (DDoS) threats have become more sophisticated, more frequent, and larger.

Corero’s Full Year 2019 DDoS Trends Report has been published, based on an analysis of hundreds of thousands of DDoS attacks attempted on Corero’s customers during that time period. The findings show that, year over year, the average volume of attacks continued to increase; that is partly because there are still some attacks that take the traditional approach to DDoS by sending a massively overwhelming number of packets per second. For example, in January of 2019 there was a report of a DDoS SYN attack that resulted in a deluge of 500 million packets per second. However, the vast majority of DDoS attacks are much lower-volume, short attacks: In fact, 98% of attacks against Corero customers in 2019 were less than 10 Gbps and 85% lasted less than 10 minutes.

Other trend highlights include the following:

  • The use of multi-vector attacks increased 13% year-over-year;
  • Organizations have a 25% chance of being re-attacked within 24 hours, rising to 36% within 90 days;
  • Corero observed that over 99% of attacks do not reach 95% link saturation levels.

The upshot of this is that the majority of today’s DDoS attacks cannot be adequately defeated with traditional network security solutions such as firewalls, Intrusion Prevention Systems and the like. Similarly, on-demand cloud-based DDoS scrubbing solutions cannot react fast enough to mitigate the sophisticated, short-duration, attacks that are now impacting organizations every day.

The Threat to Business Continuity

DDoS attacks are now considered one of the most serious threats to business continuity. The resulting downtime, or increased latency can significantly impact online services, brand reputation, customer trust, and revenue.

Financial Risks for Europe and UK Companies

In the United Kingdom and Europe, organizations are now held responsible for failure to protect their data, or to provide adequate service availability. The introduction of the EU’s General Data Protection Regulation and the UK’s NIS legislation in 2018 have introduced the prospect of punitive fines for organizations that suffer network outages.

Proactive, always-on, DDoS protection should be a critical element of any cyber security defenses designed to ensure business continuity. As organizations develop their resiliency plans and choose their methods of DDoS protection, the time-to-mitigation exposure must be a critical evaluation factor. On-premises detection and mitigation, as a part of a cloud hybrid DDoS protection solution, can close that gap significantly.

Download our detailed DDoS Trends report to gain further insights and observations from attacks against Corero customers in 2019, as well as recommendations to better defend your organization against such attacks.

For over a decade, Corero has been providing state-of-the-art, highly-effective, real-time automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. For more on Corero’s diverse deployment models, click here.  If you’d like to learn more, please contact us

Sean Newman is VP Product Management, responsible for Corero’s product strategy. Sean brings over 25 years of experience in the security and networking industry, to guide Corero’s growing leadership in the real-time DDoS protection market. Prior to joining Corero, Sean’s previous roles include network security Global Product Manager for Cisco, who he joined as part of their acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.