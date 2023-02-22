Microsoft has shared trends and insights into distributed denial of service (DDoS) attacks it observed and mitigated throughout the past year.

According to Microsoft's blog, in the first half of 2022, the cyberthreat landscape was focused around the Ukraine war and the rise of nation-state attacks and hacktivism - the use of hacking and digital activism for political or social purposes - across the world.

For the unversed, a DDoS attack is a malicious attempt to flood a targeted computer system or network with a large volume of traffic from multiple sources, making it difficult or impossible for the system to respond to legitimate requests.

Here are the key trends and insights shared by the Microsoft Azure Network Security Team:

Attack volume

In 2022, a high volume of attacks was witnessed during the holiday season until the last week of December.

Microsoft mitigated an average of 1,435 attacks per day.

The highest number of attacks recorded in a single day was 2,215 on September 22, 2022.

recorded in a single day was on September 22, 2022. The lowest number of attacks recorded in a single day was 680 on August 22, 2022.

recorded in a single day was on August 22, 2022. In total, Microsoft mitigated over 520,000 unique attacks against its global infrastructure.

against its global infrastructure. In May, Microsoft mitigated a 3.25 TBps attack in Azure, the largest attack in 2022.

Attack type

Below is the breakdown of DDoS attacks by their type:

TCP attacks were the most frequent form of DDoS attack encountered in 2022, comprising 63% of all attack traffic, followed by UDP attacks that made up 22% of all attacks (combined for UDP flood and UDP amplification attacks)

Packet anomaly attacks made up 15% of attacks.

Attack duration

In the past year, sorter duration attacks were the most popular, with 89% of attacks lasting less than one hour.

Attacks spanning one to two minutes made up 26% of the attacks observed in 2022.

Attack destinations

According to Microsoft, the United States was the top region targeted by attacks in 2022, followed by India, East Asia, and Europe, respectively.

US - 45.02%

India - 13.22%

East Asia - 11.25%

Europe - 10.49%

What's ahead?

Microsoft believes cybercrime will likely continue to rise in 2023 as new threats and attack techniques emerge. New IoT (Internet of Things) DDoS botnets will emerge and attacks from them will continue to be prevalent and cause significant disruption.

You can find more details here.