Cloudflare astounding $9,326,311,208 increase in Distributed Denial-of-Service (DDoS) attacks for the third quarter of 2025. Overall, the cybersecurity firm has seen and stopped 36.2 million DDoS attacks—up dramatically from earlier quarters. This spike includes an astounding 1,304 network-layer attacks. Every single one of these attacks was above the 1 Tbps benchmark—illustrating an alarming trend in today’s bigger and more advanced attack tactics.
The information shared in this report unearths the profound increase in DDoS attacks both in terms of severity and attacks per hour. Not surprising, the number of these attacks over 100 million packets per second (Mpps) tripled. The most incredible development is that it increased by a stunning 189% q/q. This trend highlights a troubling change in the strategies used by cyber criminals.
Short-lived but Impactful Attacks
Indeed, the vast majority of HTTP DDoS attacks are over quickly, with 71% of these attacks lasting fewer than 10 minutes. Consistently, 89% of network-layer DDoS attacks had a duration of 5 minutes or less. Even though they are usually brief, these attacks can inflict serious repercussions for the compromised services.
Perhaps the most famous example is the unprecedented DDoS attack. Cloudflare was able to successfully mitigate this record-setting threat, which peaked at 29.7 Tbps. This attack used a UDP carpet-bombing technique that targeted as many as 15,000 unique destination ports per second.
“The 29.7 Tbps was a UDP carpet-bombing attack bombarding an average of 15,000 destination ports per second,” – Omer Yoachimik and Jorge Pacheco
Sector Vulnerabilities and Geographic Trends
Every sector shared in this increased vulnerability during this quarter. In fact, the information technology, telecommunications, gambling, gaming and internet services sector was the hardest hit. The automotive vertical saw the highest growth rate of any sector in terms of DDoS attacks, making it the sixth most attacked industry in the world.
The mining, minerals, and metals industry saw one of the biggest increases in DDoS attacks. Consequently, it is now the 49th most targeted sector in the world. With DDoS tactics growing increasingly hostile, organizations in these sectors have a duty to protect critical cybersecurity infrastructures.
The countries that got the most geographic focus were China, Turkey, Germany, Brazil, the United States, Russia, Vietnam, Canada, South Korea, and the Philippines. These countries emerged as the biggest targets. Most attack sources were Asia-based, including Indonesia, Thailand, Bangladesh, Vietnam, India, Hong Kong and Singapore.
The Rise of AI-targeted Attacks
Back in September 2025, Cloudflare observed an unprecedented increase in DDoS attack traffic targeting artificial intelligence (AI) providers. Its increase was a shocking 347%! This trend is indicative of both the rising prevalence of AI technologies and their mounting attractiveness as targets for malicious actors.
According to a recent report released by Cloudflare, close to 70% of all HTTP DDoS attacks came from these known botnets. This raises the continuing danger created by organized cybercriminal groups using compromised systems to commit attacks on a massive scale.
“We’ve entered an era where DDoS attacks have rapidly grown in sophistication and size — beyond anything we could’ve imagined a few years ago,” – Cloudflare