News

Telecoms companies most targeted by DDoS attacks

Zayo Group report finds 106 per cent increase in overall attack frequency in H1.

Telecommunications companies are the most targeted by Distributed Denial of Service (DDoS) attacks.

That’s according to Zayo Group’s bi-annual Distributed Denial of Service Insights Report, which found there was a 106 per cent increase in attack frequency in H1 2024 from H2 2023.

The report also revealed that an average DDoS attack now lasts 45 minutes — an 18 per cent increase from this time last year — costing unprotected organisations approximately $270,000 per attack, at an average rate of $6,000 per minute.

For the first time in this report’s history, HR and staffing, legal and consulting, and transportation firms surfaced as victims of the top 10 per cent of the largest DDoS attacks seen.  

Tema Hassan, senior product manager at Zayo Europe, said, “Recent trends in Distributed Denial-of-Service (DDoS) attacks in Europe reveal a significant escalation in both frequency and sophistication. The number of attacks has surged, driven largely by geopolitical conflicts. This has led to an increase in attacks on critical sectors like financial services, telecommunications, and internet service providers, which are vital to national infrastructure.

“New attack techniques, such as those exploiting vulnerabilities in modern web protocols like HTTP/2, have emerged, adding complexity to the threat landscape. Traditional methods like DNS-based attacks also remain prevalent and have grown in scale. In response, countries within Europe are implementing stricter cybersecurity regulations to bolster defence mechanisms against these evolving threats.”

Max Clauson, SVP of network connectivity at Zayo, said, “As we predicted last year, DDoS attacks in the age of AI have become more persistent and frequent across all industries, and our latest report confirms this heightened level as the new norm. What’s worse, if this trend continues, we expect attacks could increase another 24 per cent by the end of the year.

"The only way to fight back is to add protection to your tech stack. When your business is protected, attackers have no other option but to move on to find an easier target.”

Other familiar industries experiencing the most frequent attacks included education (19 per cent), manufacturing (5 per cent) and cloud/SaaS (5 per cent).

Manufacturing has also replaced retail as the industry facing the largest DDoS attacks, followed by healthcare (up 128.5 per cent compared to H1 2023). Not only did the industry experience a 308 per cent increase in attack duration from 2023 to 2024, these companies also suffered a 200 per cent increase in DDoS attack size.

Government entities also continued to be the victims of the longest duration attacks, with an average attack time of over six hours. This is up 41 per cent from the H1 2023.

Posted under: