DDoS Attacks - New Era of AI-Powered Cyberattacks Emerges
Basically, hackers are using AI to launch smarter and harder-to-detect attacks on websites and APIs.
Akamai warns of a new era of cyberattacks where DDoS, API abuse, and AI converge. This shift complicates defense strategies, posing significant risks for organizations. As attacks become more sophisticated, companies must enhance their security measures to stay protected.
The Threat
Akamai's recent findings reveal a concerning trend in cybersecurity: DDoS attacks, API abuse, and AI-driven tactics are merging into more coordinated and sophisticated cyberattacks. This convergence represents a significant evolution in how attackers operate, making it increasingly difficult for organizations to defend against these threats. Over the past year, Layer 7 DDoS attacks have surged by 104%, indicating a shift in focus from traditional network-level attacks to application-level disruptions that can evade detection.
The report highlights that these attacks are no longer isolated incidents. Instead, they are part of a larger strategy where attackers utilize multiple vectors simultaneously. For instance, a single attack may employ Layer 3, Layer 4, and Layer 7 tactics, complicating defense mechanisms. This multifaceted approach not only increases the effectiveness of attacks but also obscures their origins, making attribution challenging for security teams.
Who's Behind It
The rise in coordinated attacks is attributed to various threat actors, including criminal organizations and hacktivist groups. Notably, the Qilin group, a Russia-linked ransomware-as-a-service (RaaS) operation, has expanded its capabilities to include DDoS attacks. This evolution signifies a broader trend where established cybercriminals are integrating new attack methods into their arsenals, enhancing their operational effectiveness.
Moreover, the use of botnets, such as TurboMirai, has become prevalent. These botnets can execute attacks across multiple layers, making them particularly dangerous. As organizations increasingly rely on APIs for their operations, these entry points become prime targets for exploitation. The growth of agentic AI in corporate environments further complicates matters, as it can be leveraged by attackers to amplify their efforts.
Tactics & Techniques
Attackers are employing various tactics to exploit vulnerabilities in APIs and web applications. Akamai reports that 87% of companies experienced an API-related security incident in 2025. Attackers often utilize unsanitized JSON in API requests to execute arbitrary commands, allowing them to compromise servers and incorporate them into DDoS-capable botnets.
This trend highlights the need for organizations to rethink their security strategies. As APIs become more integral to business operations, the complexity of managing these interfaces increases. Attackers are continuously probing for security gaps, and the rise of shadow AI—undocumented APIs in SaaS applications—adds another layer of risk. This shadow AI can lead to greater exploitation opportunities, making it crucial for companies to ensure robust API security measures are in place.
Defensive Measures
To combat these evolving threats, organizations must adopt a converged security approach. This involves integrating teams focused on API security, AI governance, and web application defense to create a unified front against cyber threats. As Brent Maynard from Akamai points out, the convergence of attack methods necessitates a similar response from defenders.
CISOs are urged to review their risk portfolios critically. Key questions to consider include: Is the API program robust? Are DDoS protections capable of handling the latest Layer 7 attacks? The answers to these questions will determine an organization's resilience against the increasingly sophisticated landscape of cyber threats. By prioritizing comprehensive security strategies, businesses can better protect themselves from the coordinated cyberattacks of the future.
SecurityWeek