DDoS attack volumes surge 41 percent as threats rapidly evolve
The latest Radar report from Gcore finds DDoS attacks have reached unprecedented scale and disruption in 2025, and businesses need to act fast to protect themselves from this evolving threat.
Attack volumes increased by 41 percent compared to Q1-Q2 of 2024, evidencing dangerous long term growth trends predicted in prior Radar reports. The largest attack peaked at 2.2 Tbps in Q1-Q2, surpassing the 2 Tbps peak recorded in late 2024.
Andrey Slastenov, head of security at Gcore, says, “The latest Gcore Radar should be a wake-up call to businesses across all industries. Not only is the number and intensity of attacks increasing, but attackers are expanding the scope of their attacks to reach an increasingly wide range of sectors. Businesses must invest in robust DDoS detection, mitigation, and protection to prevent the financial and reputational impact of an attack."
Attacks shorter than 10 minutes have decreased by about 33 percent, while those lasting between 10 and 30 minutes have nearly quadrupled. While previous reports highlighted the dominance of very short, intense DDoS attacks, this change suggests that attackers are adapting to the improved automatic detection and mitigation systems employed by companies to handle brief attacks. By extending their attack duration, threat actors can get around these temporary defense thresholds, cause more extensive damage, and test infrastructure resilience over time.
Multi-vector attacks have also increasingly become a preferred tactic of attackers. By masking malicious activity within seemingly legitimate traffic, attackers complicate detection and extend their window to cause damage.
The gaming sector’s share of total DDoS attacks has dropped significantly (down 30 percent in the last year). This notable decline suggests attackers are shifting focus to other sectors such as tech (attacks up 15 percent) and financial services (attacks up 15 percent).
Hosting providers, in particular, have become prime targets due to their role supporting SaaS, eCommerce, gaming, and financial clients. An attack on one hosting provider can have dangerous ripple effects leading to massive service outages and reputation damage to dozens of dependent companies.
Attackers are expanding their geographical horizons too, although the United States and the Netherlands remain top sources for attacks, Hong Kong is a new source of threats. It now accounts for 17 percent of all network-layer and 10 percent of application-layer attacks.
You can get the full report from the Gcore site.
Image credit: Funtap/depositphotos.com