Summary Points
- The total number of DDoS attacks surged from 512K in Q4 2024 to 1.3 million in Q4 2025, with attack volumes reaching a record 12 Tbps, a sixfold increase.
- Network-layer attacks dominate, comprising 82% of incidents, and are increasingly shorter (most under one minute), while application-layer attacks are longer, often exceeding 10 minutes.
- Digital sectors like technology (34%), finance (20%), and gaming (19%) are primary targets, with attackers focusing on infrastructure to maximize disruption.
- Geographic analysis shows attack sources predominantly in Latin America, especially Mexico and Brazil, emphasizing the need for localized and widespread threat mitigation strategies.
Key Challenge
On March 24th, 2026, in Luxembourg, Gcore released its Q3-Q4 2025 Radar report, uncovering a troubling rise in DDoS attack activity. The report reveals that attacks skyrocketed from 512,000 in late 2024 to over 1.3 million by the end of 2025—a more than doubling—highlighting an alarming trend of increased scale and frequency. Notably, attack volumes surged sixfold to reach 12 Tbps, driven partly by advances in automation, which attackers now use to execute larger, faster campaigns. These attacks target critical sectors such as technology, finance, and gaming, with a majority lasting under a minute, indicating a shift toward rapid, high-impact bursts designed to overwhelm defenses quickly before mitigation can occur. Additionally, attacks predominantly originate from Latin American sources, especially Mexico and Brazil, emphasizing the geopolitical complexity of this threat landscape.
Furthermore, the report points to a broader evolution in attack methods, with increasingly sophisticated and automated strategies fueling proliferation. The rise in network-layer attacks—making up 82% of incidents—underscores the economic appeal for cybercriminals seeking easy, disruptive targets. As Andrey Slastenov, Gcore’s Head of Security, explained, this escalation is driven by easier access to attack tools, expanding insecure IoT ecosystems, and ongoing geopolitical instability. Consequently, the report serves as a call to action for organizations to deploy more robust, globally distributed security measures capable of detecting and neutralizing threats close to their source. Gcore, headquartered in Luxembourg, reports that protecting digital infrastructure has become more urgent than ever, given the rapid growth and evolving nature of cyber threats.
Risks Involved
The recent Gcore Radar report highlights a worrying trend: a 150% increase in DDoS attacks year-on-year. This surge means your business is now at greater risk of being targeted by malicious entities seeking to overwhelm your network. If you’re unprepared, these attacks can cripple your online services, cause costly downtime, and damage your reputation. As cybercriminals become more aggressive and sophisticated, even minor vulnerabilities can be exploited. Therefore, without strong defenses, your business could face disrupted operations, loss of customer trust, and significant financial setbacks. In short, the rising tide of DDoS threats makes it essential for every business to prioritize robust cybersecurity measures.
Possible Next Steps
In today’s digital landscape, swift action is crucial to reducing the devastating effects of DDoS attacks, as the rising frequency highlighted by Gcore Radar emphasizes the urgent need for effective mitigation strategies.
Rapid Detection
Implement continuous real-time monitoring to identify unusual traffic patterns promptly, enabling faster response times.
Traffic Filtering
Use filtering techniques such as IP blacklisting, rate limiting, and geo-blocking to prevent malicious traffic from reaching your network.
Scaling Resources
Utilize scalable cloud bandwidth solutions that can absorb large volumes of traffic during attack peaks, minimizing service disruption.
Firewall and IDS
Configure advanced firewalls and intrusion detection systems (IDS) to detect and block attack vectors proactively.
Incident Response Plan
Develop and regularly update a comprehensive incident response plan tailored for DDoS incidents, ensuring rapid coordinated action.
Collaboration with Providers
Partner with Internet Service Providers (ISPs) and DDoS mitigation services to leverage their expertise and infrastructure during an attack.
Post-Incident Analysis
Conduct thorough post-attack reviews to understand attack vectors and improve future defense mechanisms for resilience.
Education and Training
Train staff on recognizing signs of DDoS attacks and proper response procedures, fostering a proactive security culture.
Stay Ahead in Cybersecurity
Explore career growth and education via Careers & Learning, or dive into Compliance essentials.
Learn more about global cybersecurity standards through the NIST Cybersecurity Framework.
Disclaimer: The information provided may not always be accurate or up to date. Please do your own research, as the cybersecurity landscape evolves rapidly. Intended for secondary references purposes only.
Cyberattacks-V1cyberattack-v1-multisource
