Security firm Kaspersky Lab says that distributed denial of service attacks—which overwhelm servers with data requests to take them down—are becoming geographically more widespread. Its analysis shows that 86 countries were hit by the attacks in the second quarter of 2017, up from 72 in the first quarter. And it saw some long attacks take place, too—the longest being sustained for an impressive 11 days.

Meanwhile, analysis by consultancy firm Frost and Sullivan suggests that hackers are getting wise to tools used to spot and shut down the attacks, and are now modifying their hacks accordingly. “Traditional DDoS detection tools that rely on baselines and sampling require time to accurately diagnose an attack in progress before starting the mitigation process. [So some] attackers are utilizing ‘hit-and-run’ style attacks, lasting only a few minutes, in order to defeat time-dependent defenses,” Frost & Sullivan’s network security analyst, Chris Rodriguez, explained in a statement.

Many of these DDoS attacks are carried out using growing groups of enslaved Internet-connected devices, known as botnets of things, which are used to bombard servers with requests. President Donald Trump has called for a crackdown on the zombie hardware armies, but it’s not clear if his plans will work.