DDoS-Capable Botnets
In the second half of 2024, the number of DDoS-capable botnet nodes totaled 880,165.
These nodes have been instrumental in launching both direct-path and reflection/amplification attacks against enterprises and service providers worldwide. Persistent threat groups such as NoName057(16) remain active. They continue to enhance their capabilities by employing malware families such as Mirai, exploiting open proxy servers, leveraging public cloud infrastructure, utilizing bulletproof hosting providers, and employing reflection and amplification techniques to increase the volume and impact of their attacks. These evolving tactics make it increasingly challenging for defenders to protect against these sophisticated threats.
Enterprise
174,577
Security Related Events
755,112
Bots Targeted the Enterprise
132
Average Packets Per Bot Node
Enterprise Top 5
Source Countries
-
China
-
India
-
Brazil
-
Russia
-
Vietnam
Targeted Countries
-
Brazil
-
Saudi Arabia
-
Nicaragua
-
Vietnam
-
México
Targeted Industries
-
Wireless Telecommunications Carriers (except Satellite)
-
Educational Support Services
-
Wired Telecommunications Carriers
-
Plumbing Heating and Air-Conditioning Contractors
-
Commercial Banking
Service Provider
497,043
DDoS Attacks
268,443
Bots targeted the Service Provider
28
Max Vector Count in a Botnet Attack
Service Provider Top 5
Source Countries
-
China
-
Russia
-
Brazil
-
Vietnam
-
United States
Targeted Countries
-
United States
-
China
-
United States
-
Philippines
-
Chile
Targeted Industries
-
Computing Infrastructure Providers Data Processing Web Hosting and Related Services
-
Wired Telecommunications Carriers
-
All Other Telecommunications
-
Wireless Telecommunications Carriers (except Satellite)
-
Legislative Bodies
