Tom Emmons is a data enthusiast who leads a team focused on machine learning and automation at Akamai. His areas of security expertise are in DDoS and application security. With DDoS, we typically observe a moderate degree of attacker persistence. \n DDoS attacks are relatively easy to launch from a number of online booter services, and the availability of cryptocurrencies for payment has made it easy to remain anonymous. Attackers can try their hand at DDoS for little effort and money, and in relative safety. They give it a go, try a few things (vector, endpoint, and scale changes), and for those with effective defenses, the attacker eventually burns out.  \n This changed with DDoS extortion campaigns launched primarily between  fall 2020  and late  spring 2021 , which were a pure numbers game.  \n"}}"> With DDoS, we typically observe a moderate degree of attacker persistence.…