New data reveals growing frequency and sophistication of DDoS attacks – costing businesses nearly a quarter m************** per attack
Zayo Group, a leading global communications infrastructure provider, today released its biannual Distributed Denial of Service (DDoS) Insights Report, revealing a nearly 82% surge in attack frequency between 2023 and 2024. Attack volume almost doubled from 90,000 incidents in 2023 to 165,000 in 2024, as cybercriminals leverage AI and expanding adoption of IoT devices to launch faster, more persistent, and more complex attacks.
Also Read: The Arbitrage Opportunity of Small Language Models: Unlocking AI Efficiency and Performance
“We’re seeing attackers use larger botnets of compromised IoT devices and AI to drastically increase the scale of attacks”
“We’re seeing attackers use larger botnets of compromised IoT devices and AI to drastically increase the scale of attacks,” said Max Clauson, Senior Vice President of Network Connectivity at Zayo. “As the sophistication of DDoS attacks continues to grow, cybercriminals are finding ways to exploit cloud services, higher bandwidth availability, and new vulnerabilities in software and network protocols. Both the public and private sector need to invest heavily in DDoS mitigation to continue to protect critical infrastructure and ensure long-term data security.”
Key Findings by Industry:
- Finance saw the largest year-over-year attack volume growth of all sectors, surging from 3.5% of all attacks in 2023 to 7% in 2024.
- Telecommunications is still the most targeted sector, but other industries are catching up. In 2024, telecommunications represented 42% of all observed incidents, down from 48% of all attacks in 2023.
- Cloud and SaaS companies experienced a rise in attacks, accounting for 11% of all attacks with more than 19,000 throughout the year – 15,740 of which occurred in the second half of 2024 alone.
- Healthcare saw a 223% growth in the total number of attacks targeting it between 2023 and 2024.
- Manufacturing continues to explode as a large-scale target, with the average attack size growing 257% from 2023 to 2024.
Why It Matters
The financial toll remains significant. At $6,000 per minute, and an average attack lasting 39 minutes, businesses lose nearly $234,000 per incident. Cybercriminals remain opportunistic in strategically timing their attacks to maximize disruption, with the majority occurring during business hours. There is also an expected rise in DDoS-as-a-Service, enabling individuals with limited technical skills to conduct attacks, which could result in a greater number of attacks and a wider variety of attack methods.
Also Read: Combatting the rise in AI-assisted fraud in 2025
DDoS attacks are an inescapable reality for organizations, regardless of industry or size. The financial, operational, and reputational damages caused by these attacks can be devastating, forcing businesses to divert critical resources to mitigation and recovery. As AI and automation continue to shape the threat landscape, proactive and scalable DDoS protection is more essential than ever.
