In 2024, Russia experienced a marked rise in DDoS assaults aimed at essential segments of the economy. StormWall researchers reviewed incidents from January through October 2024 and found that the total number of attacks jumped by 86 percent compared with the same window a year earlier. The report highlights how the threat landscape shifted and how different actors targeted the country’s critical services during this period.
The study shows that the majority of incidents were politically driven, accounting for 63 percent of attacks, while 26 percent pursued commercial gain. An additional 10 percent were linked to increased competition in cyberspace, and 1 percent stemmed from hooliganism. These splits help explain the variety of drivers behind the rising DDoS activity and how threat actors calibrate their objectives over time.
From January to October 2024, the three most attacked sectors were telecommunications at 31 percent, the public sector at 16 percent, and online retail at 14 percent. Hacktivists aimed to disrupt telecom operators so they could not provide services to Russian businesses. In recent months, attackers have frequently targeted regional telecom firms, as these targets tend to yield the most disruptive effects and hinder broad service delivery.
The public sector, especially the online resources of regional government offices, faced persistent risk. Attacks on online retail platforms also rose in 2024 during holidays, sales periods, and major social events, when consumer traffic and transaction volumes spike and cybercriminals see heightened payoff opportunities.
Other sectors saw notable activity as well: entertainment 9 percent, finance 8 percent, education 7 percent, energy 5 percent, information technology 4 percent, manufacturing 3 percent, logistics 2 percent, and all other sectors 1 percent. The distribution shows a wide geographic and economic impact across different industry players and service layers, from consumer portals to back-end systems.
StormWall analysts identified a clear year over year rise in attacks against several industries. Between January and October 2024, telecom attacks rose 173 percent, education 64 percent, and online retail 43 percent compared with the previous year. The surge in telecom attacks stands out as a defining trend, signaling that this sector was a primary objective for attackers in the period covered.
Experts also observed smaller increases in other areas, with public sector incidents up 26 percent and entertainment up 18 percent. These shifts reflect an expanding attack surface and the need for adaptive defenses across diverse domains that rely on web and network availability to operate normally.
Earlier assessments had signaled a rapid rise in DDoS activity within Russia, and security teams remained vigilant as tactics and targets continued to evolve. For organizations outside Russia, including those in Canada and the United States, the findings underscore the importance of robust DDoS protection, rapid incident response, and reliable threat intelligence to safeguard critical services and maintain resilience during peak online periods.
North American entities should assess exposure of telecom networks and regional government portals, ensure redundancy and scrubbing capacity, and maintain continuous monitoring to detect traffic surges and respond quickly. The Russia 2024 data provide a useful lens for evaluating defense postures, incident playbooks, and vendor readiness as enterprises prepare for changing threat conditions across global networks.