Home DDoS Attack Statistics and Facts You Must Know (2018-2023 Data)
Cybersecurity Statistics

DDoS Attack Statistics and Facts You Must Know (2018-2023 Data)

Susan Laborde Tech Writer Author expertise
In our content, we occasionally include affiliate links. Should you click on these links, we may earn a commission, though this incurs no additional cost to you. Your use of this website signifies your acceptance of our terms and conditions as well as our privacy policy.
In This Guide

The distributed denial-of-service (DDoS) attack is one of the most destructive cyberattacks on the internet. It is so powerful that it can exploit and take down even the largest website servers by overloading them with excessive requests. These servers crash when they cannot serve all the junk requests and will probably require painstaking hours to restore. DDoS attacks account for 20 to 50 percent of the attacks experienced by surveyed organizations each month.

DDoS attacks are sneaky and can erupt at any time, and targets (businesses and individuals) must have advanced software tools installed on their computers or networks to detect and tackle them. Have you been a victim of a DDoS attack before? Or would you like to know how to identify them? We have outlined 20+ notable statistics about DDoS attacks between 2018 and 2023 for you to know. Also, you will see the different DDoS attack statistics for each year and some sectors and countries that were in the headlines for DDoS attack statistics. Let’s go.

What is a DDoS Attack

What is a DDoS Attack?

A distributed denial-of-service (DDoS) is a digital attack whereby a hacker aims to make a network resource or machine unavailable to its users by disrupting and overloading the target server.

This malicious attack aims at disrupting the regular traffic of target servers while attempting to steal useful data or information. In this form of attack, multiple connected devices, called botnets, overwhelm the network server of a target computer until it crashes, after which they gain access to the server. 

2018 DDoS Attack Statistics

1. The GitHub and Arbor Networks Attack.

In 2020, the world’s largest DDoS attack record was broken twice a week. In March, the popular code repository platform GitHub encountered an attack of requests as large as 1.3 TB/s. The following week, Arbor Networks reported a DDoS attack of 1.7 Tbps, which it had efficiently detected and mitigated.

2. Between H1 2017 and 2018, the Number of Attacks Larger Than 300 Gbps Climbed By Over 500%, From 7 to 47.

According to a report by NESCOUT, the record-breaking DDoS attacks have increased the average attack size, though there were other contributing factors. For instance, attacks peaking at more than 300 Gbps were far more common in the first half of 2018.

3. The Most Common DDoS Attack in Q4 2018 was UDP, Contributing to the Overall Attacks.

In the last quarter of 2018, UDP flooding ranked as the most common DDoS attack facts, contributing 19.7% of the total attacks. While the third quarter recorded 11.9% of the total attacks, the fourth quarter leaped by over 31.1%.

4. There Was a Total of 148,000 DDoS Attacks, Which Contributed Over 643,100 GB of Traffic.

According to an NSFocus report in 2018, the DDoS attack count dropped by 28.4% from 2017 to 148,000 attacks, generating 643,100 terabytes of traffic. The report also revealed that DDoS attacks are constantly increasing, as both medium and large-scale attacks are continuously growing.

2019 DDoS Attack Statistics

2019 DDoS Attack

5. The Overall Cost of DDoS Attacks in the United Kingdom Was £1 Billion ($1.3 billion).

Techradar reports revealed that the total cost of DDoS attacks in the United Kingdom alone was about £1 billion (or $1.3 billion). The report further revealed that DDoS attacks could greatly affect the UK’s economy. Some causes include the growing number of poorly secured devices on 5G networks, the massive 23 million DDoS attack software programs on demand, and cheap DDoS services for lease.

6. The Total Number of Attacks Grew By 84%, and the Number of DDoS Attacks that Lasted Over 60 Minutes Doubled.

According to a report by Secure List, all DDoS attack indicators grew in Q4 2019. Also, the overall number of attacks leaped by 84%, while the number of sustained DDoS sessions doubled. Thus, the average duration grew by precisely 4.21 times.

7. In 2019, Most DDoS Attacks Were Targeted At the Same Entities and Were Persistent.

In an Imperva report in 2019, the vast majority of network attacks were short, as 51% lasted less than 15 minutes, and most of them were targeted at the same entities and were persistent. Also, hackers launched attacks in either short streaks or were extremely persistent.

8. The US Contributed 33% of All DDoS Attack Facts.

The United States was a key player in the global cybercrime ecosystem, contributing 33% of the overall DDoS attack traffic. According to the report, various factors affecting this could include the massive population of the US, the highly advanced tech landscape in the US, and the well-developed nature of the United States’ digital infrastructure.

9. The Longest DDoS Attack Was 509 Hours or 21 Days.

The 2018 record-breaking DDoS attack that destroyed almost all existing records by overloading their victims’ systems with false data lasted 329 hours or about two weeks. However, in the second quarter of 2019, popular antivirus service provider Kaspersky detected requests sent to DDoS networks, revealing that the attack lasted even longer—for a staggering 509 hours.

2020 DDoS Attack Statistics

2020 DDoS Attack Statistics

10. In 2020, 69% of Large Companies Experienced Increased Attack Demand.

According to a 2020 report by Statista, there has been a rise in demand for DDoS attacks against large businesses. This growing figure reveals that threat actors and cybercriminals actively target large-scale companies with these attacks. The reasons for this may include revenge, political motivations, financial gain, or disruption.

11. DDoS Activity Grew By An Incredible 542% in Q1 2020 Compared to Q4 2019.

Thanks to the COVID-19 pandemic, the rate of global cybercrime has skyrocketed. Q1 2020 was even worse, registering more than 2.5 times the growth of Q1 2021. In addition, this figure was nearly 4.5 times the figure of Q4 2019.

12. One of the Most Common Free DDoS Attack Tools Used in 2019 Was the Low Orbit Ion Canon (LOIC).

Low Orbit Ion Canon (LOIC), which transfers HTTP, TCP, and UDP requests to the target server, is the most common denial-of-service (DoS) attack technique. It also comprises an HIVEMIND mode that facilitates DDoS attacks, enabling the hacker to control remote LOIC-infested computers.

13. Attacks that Offered More Than 100 Gbps of Data Increased By 967% Between 2019 and 2020.

Amazon reports found that attacks over 100Gbps increased by 967% at the beginning of 2019 compared to Q1 2018. The largest DDoS attack measured within that quarter was 587 Gbps, which surpassed 2018 Q1’s 345 Gbps.

14. In Q3 2020, China Was Responsible For the Most DDoS Attacks, Contributing 70.20% of the Overall Attacks.

China ranked as the country with the largest number of DDoS cyber-offenders in Q3 2020, contributing an incredible 70.20% of the overall attacks. This figure is nearly 20% growth from the previous year. The US ranked second with 15.30%, and Hong Kong ranked third with 4.47%.

15. DDoS Attacks Peaked At 563.31 Gbps in Q3 2020.

The third quarter of 2020 saw massive DDoS attacks, peaking at 563.31 Gbps. This statistic reveals that businesses must take the procedures to safeguard their networks from threat actors and attackers. It also shows that DDoS assaults can reach such great extremities, raising global concerns for organizations. Thus, medium and large-scale companies must take their cybersecurity games to the next level.

2021 DDoS Attack Statistics

2021 Statistics

16. The Longest Duration For a DDoS Attack in Q1 2021 Lasted About 776 Hours.

A Cloudflare report found that the longest DDoS attack in the first quarter of 2021 lasted more than 776 hours, or about 31 days. The attack was aimed at a crypto-related gaming firm and combined application and volumetric-layer attacks. However, Cloudflare successfully detected and mitigated the attacks, which resulted in major disruption to the game provider.

17. Most Botnet-Based Attacks During Q1 2021 Occurred in January.

A 2021 Kaspersky report for the beginning of 2021 found that botnet-based attacks occurred in January. Some reasons for this include that many organizations recover from the holiday season in January and maybe most vulnerable to assaults; January is also a time for hackers to launch assaults, as they constantly seek global attention.

18. Between Q1 2021 and Q4 2020, the Healthcare Sector Experienced a 53% Growth in DDoS Attacks.

Compared to Q4 2020, the global healthcare sector observed a 53% growth in DDoS assaults during Q1 2021. This statistic outlines a crucial increment in DDoS assaults aimed at the healthcare sector within that period. Healthcare companies are the most common victims of this kind of attack.

2022 DDoS Attack Statistics

2022 statistics

19. DDoS Attacks are Constantly Increasing.

Even though Cloudfire reported a 10% decrease in application-layer DDoS assaults from the second to the third quarter of 2022, the figure is already double that of 2021. The number of ransomware DDoS assaults in Q3 2022 increased by 67% from the previous year.

20. The Average DDoS Attack Duration in Q3 2022 Lasted Only 390 Seconds.

Recently, DDoS assaults have taken less time but focused more on attack frequency and size. In Q3 2022, the average DDoS attack lasted 390 seconds. While these attacks are short-spanned, they test the target’s cyber defenses.

21. The Average Cost of a DDoS Attack is Between $20,000 and $40,000/Hour.

A Cox Blue report found that, on average, DDoS attacks cost $22,000 per hour. It is worth noting that this cost varies based on the duration, size of the attack, and industry affected. The costs can be direct (e.g., revenue or loss), indirect (e.g., lost productivity, legal fees, and reputation damage), or recovery costs.

2023 DDoS Attcak Statistics

2023 stats

22. From the 2022 First Half to the 2023 First Half, DDoS Assaults Recorded a 200% Growth, With Activity Growing Almost Four Times From the First to the Second Quarter.

The worldwide landscape of growing political unrest, the emergence of mainstream acceptance of work-from-home, and digitization have all contributed to the growth of DDoS assaults. Also, the increase in attacks has led to the rise in the digital landscape. The Tech industry was the most assaulted, with application-layer attacks growing by more than 165% in 2022. According to the report, education, telecoms, and media firms saw the most significant growth in cyberattack frequency. Furthermore, the average duration of assaults declined from the previous year.

DDoS Terminologies

DDoS Terminologies

  • Botnet: A botnet is a set of connected computers infested and remotely controlled via a malware program or virus and used to generate requests to target servers in a DDoS assault. 
  • Denial-of-Service attack: This digital attack focuses on disrupting a network resource, like a server or website, to cut off a target’s access to the resource by overloading it with requests or data. 
  • Memcached: This decentralized memory-caching system is famous for quickening dynamic database-driven sites by caching objects and data in RAM to minimize the number of times the device accesses an external source. 
  • IP Spoofing: This digital technique is leveraged in DDoS assaults to disguise the true source of the assault traffic by creating a false source IP address for the data packets. 


DDoS attacks are one of the most destructive forms of cyberattacks. The last thing you would want for your business is to be attacked by a cyber hacker and unable to detect or mitigate the risks. The statistics in this article reveal some of the most exciting and bizarre statistics of the DDoS attacks from 2018 to 2023. Feel free to comment below and share this with your loved ones.


What are the natural causes of a DDoS attack?

How does DDoS Work?

How can I secure my company from DDoS assaults?

What are the three most common kinds of DDoS attacks?


The Tech Report - Editorial ProcessOur Editorial Process

The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.

Susan Laborde Tech Writer

Susan Laborde Tech Writer

Susan Laborde researches the latest technology trends in an ever-changing tech landscape to provide comparisons, guides, and reviews that are easy to understand for readers. When taking a break from being a tech word wizard, she plays games with her baby.