Cyber-assaults via Distributed Denial of Service (DDoS) have significantly increased since the end of 2023, leaving telecommunications companies under constant scrutiny
Surge in DDoS Attacks Paints Grim Picture for Cybersecurity
A recent report from Akamai and FS-ISAC has revealed a concerning trend in Distributed Denial of Service (DDoS) attacks against the financial services sector. The report, based on over 62,000 threat detections among Zayo customers, indicates a significant increase in DDoS attacks from 2023 to 2024, with the trend continuing into 2025.
Rising Tide of DDoS Attacks
From 2023 to 2024, DDoS attacks significantly increased both in volume and intensity across various industries. Studies and reports indicate a rise of over 300% in DDoS attacks in 2023, followed by a further 41% increase in 2024. This upward trend continued into 2025, with DDoS attacks 44% higher in Q2 2025 compared to Q2 2024.
Hyper-Volumetric Attacks on the Rise
Hyper-volumetric attacks, such as Layer 3/4 attacks exceeding 1 billion packets per second or 1 Tbps, and HTTP floods exceeding 1 million requests per second, have surged dramatically. The number of attacks exceeding 100 million packets per second increased by 592% quarter-over-quarter into 2025. On average, these attacks resulted in 71 per day, with over 6,500 blocked in just Q2 2025.
Targeted Industries
Several industries have been heavily targeted by DDoS attacks. Retail faced a 60% increase in bot-driven DDoS attacks in 2024, exploiting e-commerce platform vulnerabilities and causing financial losses and customer trust damage. The healthcare sector was also targeted, with 100% of healthcare sites experiencing bot attacks in 2024. APIs have seen a 39% rise in bot attacks, reflecting attackers’ focus on modern application backbones.
Notable Incidents and Insights
The largest recorded DDoS attack was observed in 2025, peaking at 7.3 Tbps and 4.8 billion packets per second. This unprecedented scale of attacks highlights the critical nature of these attacks on critical infrastructure. An intense 18-day DDoS campaign against Cloudflare protected assets ended in early 2025 but contributed to the exceptionally high quarterly attack numbers.
Increasingly, DDoS is being used as a smoke screen for more complex intrusions, with attackers exploiting vulnerabilities such as cloud misconfigurations and API flaws during or after DDoS attacks.
Implications and Response
These trends point to an escalating and evolving DDoS threat landscape, requiring heightened cybersecurity defenses tailored to both large-scale volumetric attacks and application-level threats. In response, Microsoft has announced plans to enhance additional validation on its Azure network by November. The novel HTTP/2 Rapid Reset zero-day vulnerability was exploited by DDoS attackers, underscoring the need for continuous monitoring and improvement in cybersecurity measures.
As DDoS attacks reach an all-time high, it is crucial for organisations to prioritise cybersecurity defenses and stay vigilant against these threats.
- The rise in DDoS attacks across various industries, particularly finance and business, has introduced a new wave of vulnerability in cyberspace, as indicated by the 41% increase in 2024 and the 44% surge in Q2 2025.
- The escalating DDoS threat landscape has led to an intensification of technological countermeasures, with Microsoft planning to boost additional validation on its Azure network to address the growing concerns in cybersecurity.
- The growing enmity towards the finance industry has resulted in targeted DDoS attacks, such as those experienced by the retail sector in 2024, with a 60% increase in bot-driven attacks and associated financial and trust losses.
%20have%20significantly%20increased%20since%20the%20end%20of%202023%2C%20leaving%20telecommunications%20companies%20under%20constant%20scrutiny){kind=link}