2022 DDoS Attack Trends 


Q2 has witnessed some of the world’s largest attacks, including 26 million requests per second HTTPS DDoS attacks that Cloudflare automatically detected and mitigated. Furthermore, attacks against Ukraine and Russia continue, whilst a new Ransom DDoS attack campaign emerged.

 Highlights of the DDoS Report

The Russian and Ukrainian Internet

  • The war on the ground is accompanied by attacks targeting the spread of information.
  • Broadcast Media companies in Ukraine were the most targeted in Q2 by DDoS attacks. All the top five most attacked industries are online/Internet media, publishing, and broadcasting.
  • In Russia, on the other hand, Online Media drops as the most attacked industry to the third place. Making their way to the top, Banking, Financial Services and Insurance (BFSI) companies in Russia were the most targeted in Q2; almost 45 per cent of all application-layer DDoS attacks targeted the BFSI sector. Cryptocurrency companies in Russia were the second most attacked.

Ransom DDoS attacks

  • We’ve seen a new wave of Ransom DDoS attacks by entities claiming to be Fancy Lazarus.
  • In June 2022, ransom attacks peaked to the highest of the year so far: one out of every five survey respondents who experienced a DDoS attack reported being subject to a Ransom DDoS attack or other threats.
  • Overall in Q2, the per cent of Ransom DDoS attacks increased by 11 per cent QoQ.

Application-layer DDoS attacks

  • In 2022 Q2, application-layer DDoS attacks increased by 72 per cent YoY.
  • Organisations in the US were the most targeted, followed by Cyprus, Hong Kong, and China. Attacks on organisations in Cyprus increased by 166 per cent QoQ.
  • The Aviation & Aerospace industry was the most targeted in Q2, followed by the Internet industry, Banking, Financial Services and Insurance, and Gaming / Gambling in fourth place.

Network-layer DDoS attacks

  • In 2022 Q2, network-layer DDoS attacks increased by 109 per cent YoY. Attacks of 100 Gbps and larger increased by 8 per cent QoQ, and attacks lasting more than 3 hours increased by 12 per cent QoQ.
  • The top attacked industries were Telecommunications, Gaming / Gambling and the Information Technology and Services.
  • Organizations in the US were the most targeted, followed by China, Singapore, and Germany. This report is based on DDoS attacks automatically detected and mitigated by Cloudflare’s DDoS Protection systems.

Commenting on the report, Bashar Bashaireh, Managing Director, Middle East & Turkey, Cloudflare, says, “Cloudflare’s mission is to help build a better Internet. A better Internet is more secure, faster, and reliable for everyone — even in the face of DDoS attacks. As part of our mission, since 2017, we’ve been providing free unmetered and unlimited DDoS protection to all of our customers. Over the years, attackers have become increasingly easier to launch DDoS attacks. But as easy as it has become, we want to make sure that it is even easier — and free — for organisations of all sizes to protect themselves against DDoS attacks of all types.”