DDoS
We've curated 87 cybersecurity statistics about DDoS to help you understand how these disruptive attacks, which overwhelm networks and services, are evolving in 2025. Stay informed on the latest techniques and defenses against this growing threat!
Showing 1-20 of 87 results
Web DDoS attacks targeting OSI layer 7 increased by 101.4% compared to 2024.
Most high-impact Web DDoS attacks now last less than 60 seconds.
In the second half of 2025 the average Radware customer experienced more than 25,351 network-layer DDoS attacks, averaging 139 attacks per day.
North America accounted for 63.1% of all network-layer DDoS attacks globally, followed by the Middle East (16.1%) and Europe (13.7%).
The technology sector represented 45% of all network-layer DDoS attacks, up from 8.77% in 2024.
EMEA accounted for 57% of all Web DDoS attacks globally.
APAC's Web DDoS attacks surged 485% year over year.
Peak network-layer DDoS attack volumes reached almost 30 Tbps.
Network-layer DDoS attacks targeting OSI layers 3–4 increased 168.2% year over year.
94.4% of Web DDoS attacks measured under 100,000 requests per second.
60% of all reported cyber incidents in 2024 were Distributed Denial-of-Service (DDoS) attacks.
29% of leaders at financial services firms say they are unprepared to recover effectively from a Distributed Denial of Service attack.
20% of organizations cited denial-of-service attempts as the most common API security problem.
Within Public Administration, incidents were dominated by low-impact DDoS campaigns (94.8%).
State-aligned operations, often driven by low-impact DDoS campaigns targeting EU Member States’ organisations’ websites, resulted in service disruption in only 2% of incidents.
Comcast Business detected 44,000 DDoS attacks, which often utilised short bursts and carpet-bombing techniques to overwhelm and test defenses
DDoS short bursts used as reconnaissance were also observed: 405 events in less than 5 minutes and 56 events in less than 10 seconds.
One observed Layer 7 DDoS attack used around 20,000 legitimate HTTP requests per minute to disrupt sensitive areas. This is compared to 200 million packets per second for brute force attacks, indicating that precision can be more dangerous if unnoticed.
The highest maximum number of packets transmitted per second recorded was 207,090,400 packets per second in the first half of 2025. 207 million packets per second can paralyze firewalls, servers, and entire networks within seconds.
Targeted sectors by DDoS attack in the first half of 2025: Defense (23% - an increase of 14%), retail & e-commerce (18% - an increase of 8%), logistics & transport (15% - an increase of 9%), public sector (11%), education (9%), finance (6%), healthcare (5%), telco (5%), technology, IT, Internet (4%), and other (4%).