DDoS Attacks - 150% Surge Reported in 2025 Trends

What Happened

In a recent report by Gcore, a significant surge in DDoS attacks has been revealed, with a staggering 150% increase year-on-year. The total number of attacks skyrocketed from 512,000 in Q4 2024 to 1.3 million in Q4 2025. This alarming trend indicates that DDoS activity is not just rising; it is accelerating and diversifying. The report highlights that the total attack volume reached a record 12 terabits per second (Tbps), showcasing a sixfold increase in attack capabilities.

The landscape of DDoS threats is evolving. Attackers are now leveraging automated tools and sophisticated techniques to execute their campaigns. This change means that businesses must adapt quickly to protect themselves from these increasingly frequent and complex threats.

Who's Being Targeted

The report identifies key sectors that are being disproportionately affected by these attacks. The technology sector is the most targeted, accounting for 34% of all attacks, followed closely by financial services (20%) and gaming (19%). These sectors are prime targets due to their reliance on service availability, where disruptions can lead to immediate operational and financial impacts.

Geographically, the Americas dominate the source of attacks, with Mexico and Brazil together contributing 55% of the observed DDoS activity. This concentration of attack sources underscores the need for businesses to implement defenses that can mitigate threats as close to their origin as possible.

Tactics & Techniques

The report reveals a shift in the tactics employed by attackers. Network-layer attacks now make up 82% of all incidents, reflecting a 20% increase from previous reports. These types of attacks are favored because they are cheaper and easier to execute, making them attractive for those looking to cause disruption.

Interestingly, while network-layer DDoS attacks are becoming shorter in duration—75% last less than one minute—application-layer attacks are evolving. A significant 64% of these attacks now exceed 10 minutes, indicating a shift towards more sustained efforts to disrupt services. This evolution reflects a broader trend where attackers are increasingly using automation to conduct large-scale campaigns with specific business impacts in mind.

Defensive Measures

Given the rapid escalation of DDoS attacks, businesses must take proactive measures to safeguard their operations. Gcore emphasizes the importance of adopting integrated security solutions that can detect intent, analyze behavior, and respond across multiple attack surfaces.

To effectively combat these threats, organizations should consider the following actions:

• Invest in DDoS protection services that can absorb and mitigate large-scale attacks.
• Enhance monitoring capabilities to quickly identify and respond to unusual traffic patterns.
• Educate staff about the risks of DDoS attacks and the importance of cybersecurity hygiene.

As the threat landscape evolves, understanding these dynamics and preparing accordingly has never been more critical. Businesses that previously felt insulated from such threats must now recognize their vulnerability and take action to protect their digital assets.