32 Remarkable DDoS Statistics for 2022

Distributed Network Attacks can affect companies of any size, but they can target and debilitate internet shopping sites, hosting platforms, online casinos, and businesses that provide online services. 

Distributed Network Attacks are also referred to as Distributed Denial of Service (DDoS) attacks and they can be extremely damaging to a company’s reputation and wallet. 

DDoS are prevalent, and we have the stats to back it up. Here are the top 32 remarkable DDoS statistics that companies should beware of in 2022, as well as helpful information about DDoS attacks. 

The Top 2022 DDoS Trends

Legitimate users can’t access information systems, devices, or other network resources if under a targeted DDoS attack. Furthermore, these attacks are really hard to mitigate:

  • More than 5.4 million DDoS attacks were reported in the first half of 2021. This represents an 11% increase compared to 2020. (Mission Critical)
  • On average, a DDoS attack costs a company $20,000-$40,000 hourly. (Cox BLUE)
  • There were 52,500 DDoS attacks globally in 2020. (NSFocus)
  • DDoS attacks in 2020 generated 386,500 TB of traffic in total. (NSFocus)
  • Surprisingly, DDoS in 2020 decreased year-over-year (from 19.67% to 16.16%). (NSFocus)
  • In Q1 2021, the average size of DDoS attacks was 150Mbps. (Radware)
  • GitHub’s 2018 attack was the largest DDoS attack at 1.3 TBps. (vXchnge)

How Do DDoS Attacks Work?

A DDoS attack is when a hacker or system of hackers send multiple requests to a website to exceed the website’s request handling capability. This means that the website cannot function properly. In doing so, the normal requests made to that website are either extremely slow, not allowed, or completely ignored. 

As you can see, the hacker is trying to get a message across and “deny service” on a given website. 

Multiple distributed machines are coming together to attack a single host. And since network resources have a finite amount of requests that can be submitted simultaneously, they can easily be over-requested. 

The company or online services are therefore down during the attack so that they can’t get business. This can be incredibly damaging financially and to a business’s reputation. 

DDoS Attack Symptoms

DDoS attack symptoms are relatively easy to spot. The symptoms will first start to appear on the main hosting site and then trickle down to other sites. 

Primary symptoms include: 

  • Access to files on the targeted network (either remote files or local ones) is slow
  • Internet connection is destabilized or lost
  • You’re unable to access a website for a long period 
  • A significant increase in spam emails in a short amount of time

(Source: Norton)

Key DDoS Attack Statistics in 2022

DDoS attacks can be easy to instigate but difficult to mitigate. Here are some key DDoS attack statistics so that you can better understand this cybersecurity risk. 

1. In Q1 2021, the average size of DDoS attacks was 150Mbps.

(Source: Radware)

Radware reported a steady decrease in DDoS attack size, with Q1 of 2021 seeing a reduction down to 150Mbps from 315 Mbps in Q4 2020.

2. The biggest DDoS attack in history occurred in September 2021.

(Source: Wired)

Yandex reported a DDoS attack of nearly 22 million requests per second during August and September 2021.

3. On average, a DDoS attack costs a company $20,000-$40,000 hourly.

(Source: Cox BLUE)

That figure can even go up to $50,000! That’s roughly what the average American earns in a year.

4. The longest DDoS attack in 2021 lasted 776 hours – more than 32 days.

(Source: SecureList)

In Q4 2020, there were no attacks that lasted longer than 302 hours. However, Q2 2021 topped that with an attack that lasted more than a month!

Understanding the Dynamics of DDoS Attacks

From large botnets to strategic attacks, each DDoS looks a little different. However, there are some commonalities that users can consider: 

5. Continent 8 Technologies blocked a record of 641 DDoS attacks from October to December 2021.

(Source: Continent 8)

This shows the increase of attacks in Q4 compared to Q3 when 546 attacks occurred.

6. The majority of DDoS attacks in Q3 2020 (90%) lasted under 240 minutes, which is 4 hours.

(Source: Kaspersky Lab)

While we are seeing extremely long attacks, most of them are only a few hours. Even with these statistics, there were still five times the amount of ultra-long attacks (attacks that last for more than 140 hours) in Q2 2020. 

DDoS Attacks on Other Devices: Mobile Apps & Cloud

DDoS attacks don’t only occur on websites; they affect mobile apps and cloud-based services too. Organizations and hosting platforms need to also be considerate of the rate and demographics of DDoS attacks on other devices and Internet of Things devices as well. 

7. A large majority (80%) of banking apps and mobile e-commerce apps are vulnerable to DDoS attacks.

(Source: Appknox)

App technology is newer, and therefore contains a lot more vulnerabilities than websites do. Businesses need to be mindful of their app security, perform regular security tests and consider switching app platforms if they are at risk. 

Considering this statistic, we wouldn’t be surprised if DDoS mobile app attacks were on the rise in 2021 and 2022. 

8. 14% of hack attacks and data breaches on cloud services are DDoS attacks.

(Source: Procedia Computer Science)

DDoS is one of the top security threats for cloud computing. Luckily, top cloud companies like AWS have strong defensive capabilities against DDoS. This is extremely important considering the number of users who use that service. 

9. AWS Shield Standard, which protects Amazon CloudFront, detects and automatically mitigates over 99% of infrastructure layer attacks in less than 1 second.

(Source: AWS Shield)

Amazon CloudFront provides cloud services to millions of users globally, and a DDoS attack would not only affect individuals but organizations as well. Since Amazon has the largest server network in the world, it needs a powerful mitigation technique. AWS Shield Standard is extremely effective, and these statistics show that! 

Impressive DDoS Trends in 2022 and Future Years

DDoS trends are ever-changing. Given the rise in remote work due to the pandemic and the increased pressure on organizations to have higher cyber security, we will expect newer and more sophisticated DDoS trends in the future. 

10. The manufacturing industry was the most attacked in Q4 2021.

(Source: Cloud Flare)

This presents a 641% increase in the number of attacks in this industry, followed by the business services and the gaming/gambling industry in second and third place.

11. In Q1 and Q2 2021, 36% of DDoS attacks were directed at US-based resources.

(Source: Securelist)

In the same period, Poland climbed into the top 3 most attacked countries with 6.34% DDoS attacks.

12. Global DDoS Protection and Mitigation market size is expected to grow from $3.3 billion in 2021 to $6.7 billion by 2026.

(Source: Markets and Markets)

This presents a 15.1% annual growth rate.

13. DoS and DDoS attacks are the most common type of cyber attacks.

(Source: Newrix)

While insider threats are categorized as most prevalent, DoS and DDOs attacks are the most common cyber attack types. They’re followed by MitM (Man-in-the-Middle), phishing and spear-phishing attacks, drive-by attacks, and password attacks.

Who Can Be Victim of a DDoS Attack?

DDoS attacks are major threats to the hosting industry and can greatly affect anyone who has an online website. Victims of a DDoS attack are usually large companies, companies with high competition, and companies in industries like online casinos, retail, and financial services. 

While a DDoS can attack small companies, they won’t usually feel a DDoS attack unless their hosting platform was affected. 

It can be difficult for victims to identify the source of the attack and protect themselves. Businesses should set up their best security defenses and data backups in the case that a DDoS attack happens to you or your host platform. 

Just about anyone can be a victim of a DDoS attack. Famous victims include: MasterCard, PayPal, Visa, GitHub, BBC, Bank of America/JP Morgan Chase/US Bancorp/Citigroup/PNC Bank, WordPress, the White House, the Federal Trade Commission, the Department of Transportation, and the Department of the Treasury.

Notable DDoS Attacks Demographics to Remember in 2022

China is a major hub for DDoS attacks:

14. China led DDoS attacks in Q3 2020. It was responsible for 70.20% of all attacks, increasing 20% in the last two years.

(Source: Kaspersky Lab)

Growth trends show that the U.S. was the second leading country (with 15.30%) and Hong Kong in third (4.47%).

15. The Asia-Pacific Region was the top target of DDoS attacks in 2021, making up 46% of all attacks.

(Source: Australian Cybersecurity Magazine)

33% of DDoS attacks targeted Taiwan, while The Philippines were the no. 1 target in 2021.

16. GitHub, Dyn, BBC, and Bank of America/JP Morgan Chase/US Bancorp/Citigroup/PNC Bank are some of the biggest companies targeted by DDoS attacks in recent years.

(Source: vXchnge)

Companies of all sizes can experience a DDoS attack. With the right amount of protection and mitigation, businesses can more easily get out of a DDoS attack. 

The GitHub attack was the largest ever recorded (1.3 TBps) at that time. However, it only lasted 20 minutes. 

DDoS Attack Techniques in 2022

DDoS attacks grow in scale, complexity, and evolve naturally with market changes. However, for the most part, most DDoS attacks come from botnets. 

17. So far, the majority of botnet attacks have taken place in January, Q1 2021. 

(Source: Kaspersky Lab)

A botnet is “a network of private computers infected with malicious software and controlled as a group without the owners’ knowledge, e.g., to send spam messages.” Botnets are largely used for malicious attacks and in DDoS attacks. 

18. Memcached servers are extremely vulnerable and were one of the main reasons why GitHub’s 2018 attack was so crucial.

(Source: Kaspersky Lab)

Memcached is a way to store memory, usually “for small chunks of arbitrary data (strings, objects) from results of database calls, API calls, or page rendering” and unfortunately it makes for a vulnerable target. 

Memcached servers also make for a logical target; this is the type of server that GitHub used when they were attacked in February of 2018

Top DDoS Attack Deployment Tools

Hackers use sophisticated tools in order to execute a DDoS attack. This is due to the ability for sophisticated attacks to make money and the need for a high-powered software and system to be effective. 

Here are some stats around the top attack deployment tools in 2021:

19. Low Orbit Ion Cannon (LOIC) was one of the most popular free DDoS attack tools in 2019.

(Source: INFOSEC)

Low Orbit Ion Cannon (LOIC) is a free network stress testing and denial-of-service attack application. This application works by sending UDP, TCP, or HTTP requests to the victim server. Since anyone could, theoretically, access this software, it’s no surprise that it was one of the most popular free DDoS attacks tools in 2019. 

The hacker group Anonymous used LOIC to carry out some major DDoS attacks.

20. HULK (HTTP Unbearable Load King) remains to be an extremely popular DDoS attack tool in 2020.

(Source: Software Testing Help)

HULK, or HTTP Unbearable Load King, remains to be one of the most popular DDoS attack tools. It was created for research purposes and comes with the ability to bypass the cache engine, generate unique and obscure traffic, and generate a great volume of traffic at the webserver.

The Most Vulnerable Software and Content Management Systems (CMS) in 2022

Successful cyber crimes are largely attributed to exploited human error. DDoS taps into this, exploiting system vulnerabilities and human vulnerabilities to take down hosting platforms. 

Here are the two most vulnerable CMS in 2021. 

21. WordPress vulnerabilities led to 18 million users being affected by DDoS attacks in 2014. 

(Source: ASTRA)

73% of WordPress-based websites have vulnerabilities that can be exploited, and that’s exactly what happened in 2014 when 18 million users were affected. 

22. Drupal websites experienced a high volume of DDoS attacks in the first half of 2018. 

(Source: NSFOCUS)

It remains that Drupal websites, specifically in Europe and America, contain major vulnerabilities that DDoS attackers love to exploit. 

Famous DDoS Attackers

Considering that just about anyone can go online and download a DDoS attack tool, there are some who have made a name for themself. Not surprisingly, the most famous DDoS attackers are teenagers. 

23. 15-year-old American hacker Mafiaboy (Michael Calce) carried out a successful DDoS attack in 2001, taking down CNN, Dell, E-Trade, eBay, and Yahoo websites.

(Source: Cloudflare)

By hacking into several universities, he made use of their servers and performed a sleek DDoS attack through the Yahoo search engine, then the largest search engine in the world.

24. A British teen was hired to carry out the largest ever DDoS attack in 2013 against The Spamhaus Project.

(Source: Cloudflare)

The Spamhaus Project is an organization that helps combat spam emails and spam-related activity globally. The British teen simply had to drive traffic to the Spamhaus website at a rate of 300 GBps to destabilize them. 

25. 27 websites associated with the US Government were subject to a DDoS attack on US Independence Day in 2009.

(Source: Procedia Computer Science)

Departments included the White House, Federal Trade Commission, Department of Transportation, and Department of the Treasury. It’s clear that even the best security measures can’t stop a DDoS attack.

Can You Defend Against DDoS Attacks?

While extremely difficult, you can defend against a DDoS attack. As we will go into below, there are techniques, like having an established DDoS mitigation plan, that can set you up for success. 

Certain software can help you with DDoS attack defenses. A common software is SolarWinds, which is a Security Event Manager, can mitigate, prevent, and software DDoS attacks. This software monitors event logs from a range of sources to prevent DDoS from starting. 

Prevention is the key to stopping a DDoS attack. Once the attacker is able to maintain the traffic, then it can be hard to reroute them. 

Monitoring software enables you to track, consolidate, and review IDS/IP logs associated with known bad actors. When used in conjunction with a firewall and other security software, you can stay alert to anomalous behavior, block IPs, and shut down accounts quickly before the DDoS attack takes hold. 

Common Losses Companies Experience from DDoS Attacks

A continuous DDoS attack can be extremely damaging. And if a DDoS attack successfully targets a cluster of websites, then this could be devastating to many companies. Here are some common losses that companies experience from DDoS attacks. 

26. 20% of mid-sized companies (with 50 employees or more) have reported being the victim of at least one DDoS attack.

(Source: Kaspersky Lab)

One-fifth of medium-sized companies are likely to suffer an attack. If you’re in the telecoms, IT, and financial services industries, then you may experience a greater frequency of attacks.

27. The majority of DDoS attacks (50%) lead to a significant service disruption.

(Source: Kaspersky Lab)

The most significant issue associated with DDoS attacks is that they render websites inaccessible. 24% of attacks lead to services being completely unavailable. Depending on the business’s use of the website, this can lead to financial and trust-based losses. 

28. 12% of businesses feel that their competition started the DDoS attack. 

(Source: Kaspersky Lab)

It’s surprising to think, but many businesses that were attacked believe that DDoS attacks were started by a competing company. This might not be the case!

29. 7% of DDoS attacks on businesses last longer than a week.

(Source: Kaspersky Lab)

If you think of the downtime associated with DDoS attacks, just imagine how that downtime would feel if it lasted more than mere hours. DDoS attacks can last for days, weeks, even as long as a month. If you can’t stop the attack, then your main source of web traffic and revenue could be completely disrupted for a long time. 

30. On average, large companies lose $417,000 from DoS attacks.

(Source: Kaspersky Lab)

The biggest detriment of a DDoS attack is the financial losses. Large companies reported that DDoS cost them $417,000 on average, compared to small- to mid-sized businesses, which lost around $53,000. 

DDoS Defense Techniques Companies Should Use

While DDoS defense is rather difficult, there are security best practices that companies should use to best protect their data and company from a potential DDoS attack. 

Develop a Denial of Service Response Plan

It’s extremely important to develop a denial of services response plan. This will, at the very least, give you steps to take and guidance if your company is attacked. 

This should include: 

  • Assessing your current security situation
  • Creating a system checklist
  • Forming a response team
  • Creating and definition notification and escalation procedures
  • Having a list of contacts on hand in case of attack
  • Creating a plan to implement for company lockdown and mitigation

Secure Your Network Infrastructure With Cybersecurity Software

Secure your network infrastructure with: firewalls, VPN, anti-spam, content filtering, load balancing, employee monitoring, and other layers of DDoS defense techniques.

DDoS requires that you layer defense techniques to protect yourself. This includes defensive barriers so that attackers can’t get into your network during a DDoS or instigate one. It also includes other defense techniques so that your system can work on your behalf to prevent DDoS from occurring. 

Practice Network Security Best Practices

Basic network security is a requirement for every size business. This includes using challenging passwords, changing passwords regularly, and using anti-phishing methods, for example. 

Top DDoS Defense Tools Companies Use

Defense tools help companies to track, organize, and act on DDoS attacks!

31. Cloudflare’s multiple layer defense can help stop an attack. 

(Source: CBR)

Cloudflare’s layer 3 (the Network layer) and 4 (the Transport layer) protection can absorb an attack before it reaches the server. Its Application layer (layer 7) can also differentiate between malicious traffic and well-intentioned traffic.

32. You can get on-site and cloud DDoS protection through F5 Networks.

(Source: CBR)

F5 Networks also provides 24/7 customer support for DDoS attack mitigation. 

How to Protect Your Company from a DDoS Attack

With more than 2000 registered DDoS attacks daily globally, DDoS attacks are an inescapable fact of life. You can track DDoS attacks with this Digital Attack Map tool, as well, so you can see where a DDoS attack is happening in the world in real time. 

If you’re in the hosting industry, then understanding how DDoS attacks work and how you can protect yourself is a critical first step. You then need to set up defenses against these malicious attacks through event management software and employee monitoring software. 

With these remarkable DDoS statistics on your side, you may be able to protect your company and stop a DDoS attack before it occurs!

By SoftActivity Team.


 Ars Technica


Australian Cybersecurity Magazine

 Kaspersky Lab 1



Cloud Flare


Mission Critical

 Software Testing Help


 Kaspersky Lab 2



Continent 8



 Procedia Computer Science

Markets and Markets


 AWS Shield


 Nexus Guard


 Kaspersky Lab 3


January 14th, 2022