Source URL: https://blog.cloudflare.com/ddos-threat-report-for-2025-q2/
Source: The Cloudflare Blog
Title: Hyper-volumetric DDoS attacks skyrocket: Cloudflare’s 2025 Q2 DDoS threat report
Feedly Summary: June was the busiest month for DDoS attacks in 2025 Q2, accounting for nearly 38% of all observed activity.
AI Summary and Description: Yes
**Summary:** The Cloudflare DDoS Threat Report 2025 Q2 reveals critical insights into the ongoing threat landscape of Distributed Denial of Service (DDoS) attacks. With notable peaks in attack sizes, especially hyper-volumetric attacks, the report highlights trends and defensive strategies, emphasizing the need for proactive, real-time protection against evolving DDoS threats.
**Detailed Description:**
The 22nd edition of the Cloudflare DDoS Threat Report provides an in-depth analysis of DDoS attack patterns for the second quarter of 2025, showcasing significant developments in both attack frequency and methodologies as well as defensive measures taken by Cloudflare.
**Key Insights Include:**
– **Record-breaking Attack Sizes:**
– Cloudflare mitigated DDoS attacks peaking at **7.3 Tbps** and **4.8 billion packets per second (Bpps)**. This showcases an unprecedented level of DDoS attacks targeting critical infrastructure.
– **Trends in Attack Frequency:**
– Despite a quarterly decrease, attacks in Q2 2025 increased by **44% compared to Q2 2024**.
– Cloudflare blocked **7.3 million DDoS attacks** in Q2 2025, which is significantly high given the dynamics of internet attack landscapes.
– **Sector Vulnerability:**
– The **Telecommunications, Service Providers, and Carriers** sector remains the most attacked, illustrating the ongoing vulnerabilities in critical infrastructure domains.
– **DDoS Attack Types:**
– **Hyper-volumetric DDoS attacks** experienced a surge, leading to an increase in the average number of such attacks to **71 per day**.
– Specific attack methods like **DNS flood attacks**, **SYN flood attacks**, and **UDP floods** continue to dominate as primary attack vectors, stressing the importance of tailored defensive measures against these attacks.
– **Emerging Threats:**
– Increasing experimental use of lesser-known DDoS types such as **Teeworlds floods** and **RDP floods**, indicating a shift towards utilizing both new and legacy protocols to evade detection.
– **Defensive Strategies:**
– Rapid detection and mitigation are emphasized through Cloudflare’s global network and robust automated defenses, which utilize extensive real-time threat intelligence for immediate response actions across thousands of attacks.
– The report suggests that proactive, always-on defenses are significantly more effective for mitigating DDoS attacks, aligning with best practices in security operations.
– **Collaboration and Threat Intelligence:**
– Cloudflare offers a free DDoS Botnet Threat Feed for service providers, enhancing community defenses against botnet-driven attacks and facilitating collaboration across the cybersecurity ecosystem.
The report underscores the rapidly evolving strategies by threat actors, necessitating continuous innovation in defense mechanisms for organizations reliant on internet infrastructure. DDoS attacks, being a persistent threat, require vigilant adaptations in security strategies integrated within cloud and infrastructure systems.