AI is making DDoS attacks ‘more powerful, subversive, and frequent’

As well as the 106% hike in attacks, the report from Zayo also found that an average DDoS attack now lasts 45 minutes, which is an 18% increase from the same time last year. This is costing organizations approximately $270,000 per attack at an average rate of $6,000 per minute, we’re told.

The introduction of AI to deploy and elevate DDoS attacks is allowing them ‘to evolve, growing more powerful, subversive, and frequent,’ says the report.

It adds that in the wake of the AI boom, bot-based attacks have made it even ‘easier to attack more often, in a more sustained manner, and with more requests per second.’ AI is also driving the increased pervasiveness of DDoS attacks across more industries, with Zayo noting that for the first time since it’s been putting together these reports, HR and staffing, legal and consulting, and transportation firms became victims of the top 10% of the largest DDoS attacks seen. 

Of particular bad news to our readers, the report says telecoms companies are still the most-targeted industry, soaking up 57% of all attacks. Other most frequently targeted industries include education (19%), manufacturing (5%), and cloud/SaaS (5%). 

In terms of the largest DDoS attacks, manufacturing has replaced retail as the worst hit, with companies in this sector experiencing a 308% increase in attack duration from 2023 to 2024, and a 200% increase in DDoS attack size.

Meanwhile government entities were hit with the longest duration attacks, with an average attack time of over six hours.

“As we predicted last year, DDoS attacks in the age of AI have become more persistent and frequent across all industries, and our latest report confirms this heightened level as the new norm,” said Max Clauson, SVP of Network Connectivity at Zayo. "What’s worse, if this trend continues, we expect attacks could increase another 24% by the end of the year. The only way to fight back is to add protection to your tech stack. When your business is protected, attackers have no other option but to move on to find an easier target.”

As well as AI, another game changing technology when it comes to the security landscape is quantum computing, and a number of telcos are launching ‘quantum-safe’ network projects to try and get ahead of the curve. Last week, Singel launched what it calls Southeast Asia’s first National Quantum-Safe Network Plus (NQSN+), and a programme for enterprises to trial the technology.

The network employs modern quantum security solutions to protect enterprises against quantum threats, and supports a range of network and security devices for enterprises in Singapore looking to secure their communications ahead of quantum computing fully spinning up as a sector, with all the potential security fears that comes with it.