H1 2024 in Review: DDoS Attacks Report by StormWall

DDoS attacks are continuously evolving, with election campaigns in 2024 emerging as a significant driver of this shift. In the first half of the year, DDoS incidents surged by 102% year-over-year, with hacktivists targeting election-focused nations more than those involved in armed conflicts.

Welcome to StormWall's H1 2024 DDoS Attacks Report, Global Edition. Leveraging our extensive network of scrubbing centers, we filter up to 4,500 Gbps of traffic during peak hours for hundreds of enterprises and SMBs. This unparalleled capacity provides us with a unique perspective on active DDoS campaigns around the world.

Key Trends in H1 2024

DDoS attack volumes surged by 102% compared to last year. Below are the standout trends driving this growth:

• Election-driven attacks: The EU parliamentary election and local elections in several member states triggered a wave of attacks on government websites throughout Q1 and Q2. Belgium, in particular, was heavily impacted, accounting for 14.8% of global DDoS activity in Q2 alone.
• Geopolitical targets: Nations involved in conflicts and those holding elections saw a sharp rise in attacks, with government services being targeted 29% of the time—a 116% year-over-year increase.
• Hacktivism on the rise: Hacktivist-led attacks increased overall, except in the MENA region, where financial services and entertainment became the main targets.
• Botnets exploded in size: The average botnet grew fourfold, from 5,000 to 20,000 devices, significantly amplifying attack power.
• Carpet-bombing attacks gained ground: More attacks are now targeting multiple IPs to overwhelm entire networks.
• Increase in multivector attacks: These sophisticated assaults use multiple DDoS methods simultaneously, striking different layers of the OSI model to maximize damage.

DDoS Attacks Surge: How Elections Fuel the Threat

Elections significantly influenced the DDoS threat landscape in H1 2024, even outpacing armed, surpassing even armed conflicts. Europe became the most targeted region, absorbing 50.4% of malicious traffic in Q2, largely due to the historic EU parliamentary elections. During these elections, malicious activity in the region spiked by 1100%. Earlier in the year, Taiwan’s elections also triggered a similar surge, making it the second most attacked country in Asia.

DDoS Attacks and Industries

Here’s a snapshot of how different industries were affected by DDoS attacks in H1 2024:

• Government: The most targeted sector, accounting for 29% of attacks, with a 116% year-over-year rise. Early elections in Taiwan, Bangladesh, and Russia set the stage, with the EU parliamentary elections dominating by Q2.
• Entertainment: The second most targeted sector (16%), with an 81% increase year-over-year. Cyber sports tournaments, betting, and streaming platforms, particularly during UEFA 2024, were heavily affected.
• Finance: Attacks in this sector rose by 74%, driven by profit-focused hackers. The MENA region saw the highest increase, with a 268% rise year-over-year.
• Telecom: Attacks grew by 36%, aiming to disrupt communication infrastructures.
• Transportation and retail: Both sectors saw steady growth in attacks, with transportation facing a 32% increase, and retail seeing a 27% rise. 

Top Three Most Targeted Verticals in Detail

1. Government

The government sector experienced a 116% increase in DDoS attacks, largely driven by the global election cycle. Botnets grew significantly, enabling attackers to launch attacks exceeding 1 Tbit/s, presenting an ongoing threat to government infrastructures as elections continue throughout 2024.

2. Entertainment

The entertainment industry, particularly online gaming and streaming, became a prime target. The UEFA Euro 2024 spurred many of these attacks, with incidents strategically timed during matches. Smaller attacks targeted cyber sports platforms, especially in the MENA region, where incidents surged by 62% in June, likely due to the upcoming Esports World Cup.

3. Finance

Financial institutions saw a 74% rise in attacks, with banking services and payment processors being the primary targets. Profit-driven motives were especially noticeable in MENA, where a significant surge in attacks occurred.

DDoS Attacks by Country

The U.S. (12.8%) and China (11.3%) remain at the forefront of DDoS activity. However, Europe saw a notable rise, with France (10.4%), Germany (8.7%), and Belgium (7.4%) becoming major targets due to the EU elections.

Surprisingly, Israel saw a sharp decline in attacks, dropping to just 2.6%, after years of being heavily targeted due to conflict-related activities. This shift underscores the growing emphasis on disrupting democratic processes over military conflicts.

Conclusion

Elections remain a major catalyst for attacks, with hacktivism still on the rise. However, the trend in the MENA region, where for-profit hackers outpaced hacktivists by mid-year, may signal an emerging shift. As we continue to monitor the situation, one thing is clear: the DDoS landscape is becoming increasingly unpredictable.

cta1