Cloudflare highlights DDoS attack trends in latest report

Cloudflare highlights DDoS attack trends in latest report

Cloudflare, the security, performance and reliability company helping to build a better Internet, has announced its 2022 Q3 DDoS report. This report includes insights and trends about the DDoS threat landscape – as observed across the global Cloudflare network.

Multi-terabit strong DDoS attacks have become increasingly frequent. In Q3, Cloudflare automatically detected and mitigated multiple attacks that exceeded 1 Tbps. The largest attack was a 2.5 Tbps DDoS attack launched by a Mirai botnet variant, aimed at the Minecraft server, Wynncraft. This is the largest attack Cloudflare has ever seen from the bitrate perspective. It was a multi-vector attack consisting of UDP and TCP floods. However, Wynncraft – a massively multiplayer online role-playing game Minecraft server where hundreds and thousands of users can play on the same server – didn’t even notice the attack since Cloudflare filtered it out for them.

Geopolitical tensions are reflected in cyberattacks. Cloudflare’s data centres saw attacks targeting Taiwanese companies increase nearly 20x and when looking at the war in Ukraine, the company saw that attacks on Russian websites surged 24x compared to last year.

Highlights of the DDoS Report

General DDoS attack trends

Overall in Q3, Cloudflare has seen:

  • An increase in DDoS attacks compared to last year
  • Longer-lasting volumetric attacks, a spike in attacks generated by the Mirai botnet and its variants
  • Surges in attacks targeting Taiwan and Japan


Application-layer DDoS attacks

  • HTTP DDoS attacks increased by 111% YoY but decreased by 10% QoQ
  • HTTP DDoS attacks targeting Taiwan increased by 200% QoQ; attacks targeting Japan increased by 105% QoQ
  • Reports of Ransom DDoS attacks increased by 67% YoY and 15% QoQ

Network-layer DDoS attacks

  • L3/4 DDoS attacks increased by 97% YoY and 24% QoQ
  • In Q3, Cloudflare saw a 4x increase in network-layer DDoS attacks attributed to the Mirai botnet. This underscores why securing IoT devices is critical
  • The gaming/gambling industry was the most targeted by L3/4…