NBIP logo

Complexity and size of DDoS attacks have increased in 2019

NaWas

Complexity and size of DDoS attacks have increased in 2019

The complexity and size of DDoS attacks in 2019 has increased significantly compared to 2018. In a report published today by NaWas by NBIP, one of the largest DDoS scrubbing centers in Europe, concludes that despite the number of attacks has decreased slightly over 2019, their complexity and size has increased significantly. Twice a year the NBIP publishes a report with data on the DDoS attacks observed in the NaWas. The new DDoS Data report 2019 is available as of today.

The NaWas started in 2014 as a collective effort to mitigate DDoS attacks. Many hosters and other online service providers use the collective scrubbing center. In its six years of existence, the NaWas has successfully mitigated thousands of DDoS attacks. This separates the polluted traffic of the attacker(s) from the ‘clean’, legitimate traffic. This clean traffic is routed back to the participant via a separate connection via an internet exchange. In this way, the systems of participants in the NaWas remain available to users. Currently, the NaWas protects over 2.5 million .nl addresses. NaWas is also expanding and offering its services in a range of European countries.

Fewer attacks, more complexity and larger in size

Slightly fewer DDoS attacks were observed in the NaWas in 2019 compared to 2018 (919 attacks and 938 attacks respectively). In addition, the number of participants in the NaWas increased by almost 10%, which probably means that the relative decrease is greater.

However, attacks are becoming larger and more complex, says Octavia de Weerdt, managing director of NBIP. “The largest attack we observed in 2019 was 124 Gbps. The most complex attack used 30 vectors, i.e. 30 different methods to carry out a DDoS attack were combined into a single attack. In 2018, the largest attack we saw was 68 Gbps, while the maximum number of vectors was 12. These are big differences for which we unfortunately can’t give an immediate explanation.”

A persistent trend

The increasing complexity and size of DDoS attacks fits in with a trend that has been going on for several years. The NBIP has been publishing data on DDoS attacks observed by the NaWas since 2017. In that year there were no attacks of 40 Gbps or more, while in 2019 there were no attacks of less than 40 Gbps in the top 10 largest DDoS attacks.

De Weerdt: “There is a continuous arms race regarding DDoS attacks. Attackers try to find new vulnerabilities and methods to carry out a successful attack. Organizations that are victims of DDoS attacks meanwhile try to adapt their mitigation capabilities accordingly. This arms race will not end for the time being. For example, in the first quarter of 2020, we already observed a DDoS attack of 140 Gbps, and we have seen as many very large attacks of 40 Gbps or more as in the whole of 2019″.[contact-form-7 id=”47249″ title=”EN – Nieuwsbrief + Informatie Anti-DDoS”]

News

DDoS attacks in Q3 2025
NaWas, News
NBIP publishes latest edition of the Annual Monitor
Reports
Connect2Trust, NBIP, and SIDN Fund are jointly increasing the Netherlands’ digital resilience
News
DDoS attacks in Q2 2025
NaWas, News

Wil je meer informatie of je abonneren op onze nieuwsbrief?

NBIP logo
NBIP NEXT
Platform- and supplier-independent Cloud with Haven

Thursday, 27 November – 1:50 p.m. – 2:30 p.m.

Haven is an open solution for platform- and supplier-independent Cloud services. Haven is a building block of the pGDI and the NDS. Haven offers agnostic configuration of Cloud technology and provides organisations with a feasible exit plan. Expect an inspiring story about the practice of ecosystem-driven collaboration, in which we use the power of digitisation for the benefit of society.

Highlights:

  • Haven+
  • Ecosystem-driven collaboration
  • Platform- and supplier-independent cloud services
  • Data sovereignty

About Jacco Brouwer

Jacco Brouwer works for the Association of Netherlands Municipalities as Cloud Policy Coordinator and represents municipal interests in the NDS implementation programme on Cloud. From the Innovation Knowledge Centre at VNG, Jacco is the initiator of the public Incubator GROEI, through which VNG guides municipal collaboration and innovations based on a start-up philosophy in scaling up to broad and collective use among municipalities and fellow authorities.

Jacqueline van de Werken is bijna 10 jaar actief als global general counsel bij Leaseweb, na een loopbaan in de advocatuur en actief te zijn geweest in legal & regulatory affairs bij buitenlandse telecom/ datacom aanbieders.

Sinds enige tijd is Jacqueline ook board member & secretaris van brancheorganisatie Dutch Cloud Community. Als president/chair bij Cloud Infrastructure Service Providers Europe richt ze zich ook op het behartigen van regulatory belangen van de IAAS cloud sector.

Woensdag 26 november 

Van vrijwillig naar verplicht: de nieuwe werkelijkheid van regelgeving voor providers

Interactieve sessie

11:15 – 12:00 uur

Ir. Bas Dunnebier EngD

Bas Dunnebier is Chief Science and Technology Officer (CSTO) bij de Algemene Inlichtingen- en Veiligheidsdienst (AIVD). De CSTO speelt in op de kansen en uitdagingen die technologische en wetenschappelijke innovatie met zich meebrengen, onder meer voor de offensieve en defensieve taken van de dienst.

Eerder vervulde Dunnebier verschillende andere functies binnen de AIVD, waaronder die van hoofd Unit Weerbaarheid. Hij heeft daardoor een brede expertise ontwikkeld op het gebied van (cyber)weerbaarheid, inlichtingen, en technologieën zoals AI, quantum en cryptologie. Hij studeerde Toegepaste Wiskunde aan de Universiteit Twente, en Informatie- en Communicatietechnologie aan de Technische Universiteit Eindhoven. Voordat Dunnebier bij de AIVD kwam werken, werkte hij onder meer bij Thales, TNO en Technolution.

Het huidige dreigingsbeeld volgens de AIVD: wat nu te doen?

Woensdag 26 november 
14:00 – 14:35
Parkzaal: Wet- en Weerbaarheid

During his presentation, Dr. Alberto P. Martí will provide an update on the European IPCEI Cloud Infrastructure and Services (CIS) project.

Thursday, 27 November

3:00 p.m. – 3:45 p.m.

Parkzaal: Towards digital autonomy

During NBIP NEXT, René will share more about the implementation of the eEvidence legislation that will come into force for internet service providers on 18 August 2026.

Wednesday 26 November

3:00 p.m. – 3:35 p.m.

Parkzaal: Track Law & Resilience

During NBIP NEXT, Johan will give a presentation as part of the DDoS Mitigation track on how to use a WAF to mitigate layer 7 attacks.

Wednesday, 26 November
1:15 p.m. – 1:50 p.m.
Fonteinzaal: Collaborative DDoS mitigation track (ENGLISH)

Dr. Cristina Caffarra is one of the driving forces behind EuroStack. This movement, which has the ear of politicians and policymakers in Europe, is campaigning for more investment in European technology, based on the belief that this is the only path to digital autonomy.

Caffarra is a competition expert and knows the world of big tech companies from the inside. She has made important contributions to competition investigations into mergers and antitrust cases for the European Commission. Caffarra does not mince her words and tells it like it is: we must work together to give shape to European digital autonomy as quickly as possible. At NBIP NEXT, she will share her vision during an inspiring keynote speech, followed by an opportunity for discussion.

Thursday 27 November
1:15 p.m. – 1:50 p.m.
Parkzaal: Towards digital autonomy