Global Distributed Denial-of-Service (DDoS) attacks surged in the first half of 2025, according to the NETSCOUT DDoS Threat Intelligence Report.
The company recorded over 8 million attacks worldwide, including 3.2 million in the EMEA region, disrupting critical infrastructure and major organisations.
Report findings:
- Massive Global Attack Volume – NETSCOUT observed more than 50 attacks greater than a terabit-per-second (Tbps) and multiple gigapacket-per-second (Gpps) attacks in the first half of 2025, including a 3.12 Tbps attack in the Netherlands and a 1.5 Gpps attack in the United States.
- Geopolitical Events Triggered Unprecedented DDoS Attacks – The India-Pakistan conflict saw hacktivist groups target the Indian government and financial sectors in May, while the Iran-Israel conflict generated more than 15,000 attacks against Iran and 279 against Israel in June.
- Botnet-Driven Attacks Gained Sophistication – More than 880 bot-driven DDoS attacks occurred daily in March, peaking at 1,600 incidents, with attack durations increasing to an average of 18 minutes.
- New Threat Actors Emerged – Leveraging DDoS-for-hire infrastructure, DieNet orchestrated over 60 attacks since March, while Keymous+ launched 73 attacks across 28 industry sectors in 23 countries.
- NoName057(16) Maintained Dominance – Claiming more than 475 attacks in March alone, 337% more than the next most active group, the hacktivist group targeted government websites in Spain, Taiwan, and Ukraine.
“As hacktivist groups leverage more automation, shared infrastructure, and evolving tactics, organisations must recognise that traditional defences are no longer sufficient,” stated Richard Hummel, director, threat intelligence, NETSCOUT.
“The integration of AI assistants and the use of large language models (LLMs), such as WormGPT and FraudGPT, escalates that concern. And, while the recent takedown of NoName057(16) was successful in temporarily reducing the group’s DDoS botnet activities, preventing a future return to the top DDoS hacktivist threat is not guaranteed.”
“Organisations need intelligence-driven, proven DDoS defences that can deal with the sophisticated attacks we see today.”
Also read: Ghana Hit with 4,753 DDoS Attacks, the Most in West Africa
About Author
