Gcore: Gcore Radar report reveals 150% surge in DDoS attacks year-on-year

Gcore Report Reveals Surge in DDoS Attacks, Marking a New Era of Scale and Sophistication

A recent Gcore Radar report covering Q3–Q4 2025 highlights a dramatic escalation in DDoS attack activity, with volumes, frequency, and tactical complexity reaching unprecedented levels. The findings, released by Luxembourg-based infrastructure provider Gcore on March 24, 2026, underscore a shifting threat landscape driven by automation, expanded botnet infrastructure, and geopolitical instability.

Key Trends in DDoS Attacks
The total number of attacks surged to 1.3 million in Q4 2025, more than doubling the 512,000 recorded in the same period of 2024. Peak attack volumes skyrocketed to 12 Tbps, a sixfold increase from the previous high of 2.2 Tbps, reflecting the growing firepower of modern botnets. While 75% of network-layer attacks lasted under one minute indicating a rise in short, high-intensity bursts application-layer attacks trended longer, with 64% exceeding 10 minutes. This divergence suggests attackers are tailoring tactics to exploit vulnerabilities in both infrastructure and application defenses.

Targeted Sectors and Geographic Hotspots
Technology firms bore the brunt of attacks, accounting for 34% of incidents, followed by financial services (20%) and gaming (19%). These sectors were prioritized due to their reliance on real-time service availability, where disruptions yield immediate financial or operational consequences.

Geographically, Latin America emerged as a dominant source of attack traffic, with Mexico (31%) and Brazil (24%) leading network-layer activity. The U.S. remained a key player, contributing 20% of network-layer and 23% of application-layer attacks. The report attributes the regional concentration to the AISURU botnet, which disproportionately exploits vulnerable IoT devices in these areas.

Drivers Behind the Surge
Gcore identified several structural factors fueling the rise in DDoS attacks:

Broader access to attack tools, lowering the barrier to entry for cybercriminals.
Expansion of insecure IoT ecosystems, providing attackers with larger botnet resources.
Geopolitical and economic instability, creating opportunities for disruption.
Increasing sophistication of attack techniques, including automation for large-scale campaigns.

Network-Layer Attacks Dominate
Network-layer attacks comprised 82% of all incidents, a 20% increase from prior periods. Their prevalence stems from cost-effectiveness and ease of execution, making them a preferred method for attackers seeking rapid disruption. Meanwhile, application-layer attacks evolved to include automated scraping, account takeovers, and workflow manipulation, signaling a shift toward more targeted, business-impact-driven strategies.

The report concludes that mitigation strategies must adapt, emphasizing the need for globally distributed defense infrastructure to neutralize threats closer to their source particularly in regions like Latin America, where attack origination outpaces traditional traffic demand.

Source: https://hackread.com/gcore-radar-report-reveals-150-surge-in-ddos-attacks-year-on-year/

Gcore cybersecurity rating report: https://www.rankiteo.com/company/g-core

"id": "G-C1774340621",
"linkid": "g-core",
"type": "Cyber Attack",
"date": "7/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'industry': 'Technology', 'type': 'Technology firms'},
                       {'industry': 'Financial Services',
                        'type': 'Financial services'},
                       {'industry': 'Gaming', 'type': 'Gaming companies'}],
 'attack_vector': ['Network-layer attack', 'Application-layer attack'],
 'date_detected': '2025-Q3',
 'date_publicly_disclosed': '2026-03-24',
 'description': 'Gcore Radar report highlights a dramatic escalation in DDoS '
                'attack activity, with volumes, frequency, and tactical '
                'complexity reaching unprecedented levels. The total number of '
                'attacks surged to 1.3 million in Q4 2025, with peak attack '
                'volumes reaching 12 Tbps. The report underscores a shifting '
                'threat landscape driven by automation, expanded botnet '
                'infrastructure, and geopolitical instability.',
 'impact': {'operational_impact': 'Real-time service availability disruptions'},
 'lessons_learned': 'Mitigation strategies must adapt, emphasizing globally '
                    'distributed defense infrastructure to neutralize threats '
                    'closer to their source, particularly in regions like '
                    'Latin America.',
 'motivation': ['Disruption', 'Financial gain', 'Geopolitical instability'],
 'post_incident_analysis': {'root_causes': ['Broader access to attack tools',
                                            'Expansion of insecure IoT '
                                            'ecosystems',
                                            'Geopolitical and economic '
                                            'instability',
                                            'Increasing sophistication of '
                                            'attack techniques']},
 'recommendations': 'Adapt mitigation strategies to include globally '
                    'distributed defense infrastructure, enhanced monitoring, '
                    'and addressing insecure IoT ecosystems.',
 'references': [{'source': 'Gcore Radar Report Q3-Q4 2025'}],
 'title': 'Surge in DDoS Attacks - Q3-Q4 2025',
 'type': 'DDoS',
 'vulnerability_exploited': ['Insecure IoT devices', 'Automated attack tools']}

Gcore: Gcore Radar report reveals 150% surge in DDoS attacks year-on-year

GitHub and OpenAI: A message from John Furrier, co-founder of SiliconANGLE:

Intesa Sanpaolo: Italy data protection agency fines Intesa Sanpaolo $36 mln over data breach

Sterling Seacrest Pritchard: Sterling Seacrest Pritchard email breach exposes data of over 7,400 individuals