According to the report released by Qrator Labs, the financial sector emerged as the most vulnerable, accounting for 42.06% of all recorded DDoS attacks during the third quarter of 2023. Following closely behind were the e-commerce industry with 29.80% of attacks and the IT sector with telecommunications at 6.05%. The educational technologies and media industry also made it to the list, securing the fourth and fifth positions, respectively.
During the first nine months of 2023, banks were the primary targets, making up 27.74% of all recorded attacks. They were followed by electronic ads and online education, accounting for 16.16% and 9.5% of attacks, respectively.
The third quarter saw a notable increase in DDoS attacks, with the average attack duration reaching 66 minutes, an increase of 19 minutes compared to the previous quarter. In August, there was a record-breaking attack on the transport and logistics sector that lasted over 71 hours, showing indications of a custom attack. Additionally, in September, the catering sector faced an intense attack lasting over 22 hours, reaching a maximum power of over 100 Gbit/s, making it one of the top five most intense attacks.
In an attempt to bypass blocking measures, attackers have started using IP addresses that are geographically close to their victims. This has resulted in a significant increase in the number of blocked addresses, rising by more than 116%, from 18.5 million to 40.15 million. The majority of blocked addresses come from Russia, the USA, and China.