Essential Insights
- DDoS attack volume increased by 41% YoY in H1 2025, peaking at 2.2 Tbps, signaling larger and more sophisticated threats.
- Attacks are lasting longer, multi-layered, and shifting focus from gaming to technology and financial sectors.
- Application-layer assaults now account for 38%, with UDP floods leading, and attackers commonly deploying multi-vector strategies.
- Geographically, the US, Netherlands, and Hong Kong are top attack sources, emphasizing the need for proactive, geographically aware defenses.
The Core Issue
The recent Gcore Radar report for the first half of 2025 documents a significant escalation in distributed denial-of-service (DDoS) attacks, revealing a 41% year-on-year surge in volume, with peak threats exceeding 2.2 terabits per second—more than double the previous record. These attacks are becoming increasingly complex, longer in duration, and are targeting a broader range of industries, notably shifting focus from gaming to technology, with financial services also heavily targeted. The rise is fueled by easier-to-access attack tools, the exploitation of vulnerable internet-of-things devices, and geopolitical tensions, which together create a fertile ground for threat actors to deploy multi-vector, application-layer assaults that evade traditional defenses.
The report, compiled by Gcore, a cybersecurity solutions provider, emphasizes that cybercriminals are adopting more sophisticated tactics, including multi-layered attack strategies and targeting web applications and APIs with volumetric and manipulation techniques. Geographically, the United States, the Netherlands, and Hong Kong emerge as significant sources, underscoring the necessity for globally aware and multi-layered defenses, such as Gcore’s own DDoS mitigation services integrated with web application and API protection (WAAP). The findings underscore an urgent need for organizations—especially in high-risk sectors—to bolster their cyber resilience as attackers’ capabilities and ambitions continue to grow at an alarming pace.
What’s at Stake?
The escalating complexity and scale of DDoS threats, as highlighted in the Q1–Q2 2025 Gcore Radar report, underscore a rapidly intensifying cyber risk landscape that poses severe operational and financial threats across diverse industries. Attack volumes surged by 41% YoY, with the largest assault reaching a staggering 2.2 Tbps, reflecting attackers’ growing ambition and capacity to overwhelm systems through longer, multi-vector, and application-layer tactics. Technology sectors now face the highest attack rates, overtaking gaming, while financial services remain critically targeted due to their high-impact potential. Geopolitical tensions, accessible attack tools, and compromised IoT devices have fueled the proliferation of larger, sophisticated campaigns, often lasting longer and employing multi-layered strategies that circumvent traditional defenses. These threats not only threaten service availability but can also manipulate business logic and compromise sensitive data, emphasizing the critical need for advanced, integrated defense mechanisms, such as WAAP, to safeguard infrastructure, ensure resilience, and maintain operational continuity in an increasingly hostile digital environment.
Fix & Mitigation
Staying ahead of quickly evolving cyber threats is crucial, especially as the shift in DDoS attack targets underscores the urgent need for timely remediation strategies to protect digital infrastructure and maintain operational continuity.
Protection Measures
-
Deploy advanced DDoS protection services
-
Increase network bandwidth capacity
-
Implement robust firewalls and intrusion detection systems
-
Conduct regular security audits and vulnerability assessments
-
Establish an incident response plan
- Educate staff on cybersecurity best practices
Advance Your Cyber Knowledge
Explore career growth and education via Careers & Learning, or dive into Compliance essentials.
Learn more about global cybersecurity standards through the NIST Cybersecurity Framework.
Disclaimer: The information provided may not always be accurate or up to date. Please do your own research, as the cybersecurity landscape evolves rapidly. Intended for secondary references purposes only.
Cyberattacks-V1
