As digital innovation accelerates, so do the scale and sophistication of cyber threats, particularly distributed denial of service (DDoS) attacks. Hypervolumetric DDoS attacks, which overwhelm systems with floods of traffic, are growing in both frequency and complexity. According to our research, more than a third (37%) of European companies have suffered such an attack in the last year.
While disruptive in their own right, these attacks can also serve as a smokescreen for more targeted incidents, such as SQL injection attacks. While security teams deal with the immediate chaos of the DDoS attack, malicious actors can exploit vulnerabilities unnoticed.
Recently, Cloudflare mitigated an unprecedented DDoS attack that peaked at 5.6 Tbps, the largest attack ever publicly disclosed. This came after a 3.6 Tbps attack earlier in the same campaign, which targeted industries such as finance, telecommunications and internet service providers. The campaign, which lasted a full month, consisted of more than 100 individual incidents, many of which exceeded 3 Tbps in volume.
For industries that rely on real-time operations, even a brief downtime can cause significant financial and reputational damage. The stakes are high, and organizations that are not prepared face catastrophic consequences.
Field CTO, EMEA, Cloudflare.
A global challenge in the IoT era
The proliferation of Internet of Things (IoT) devices has introduced new vulnerabilities into business environments. These devices often have weak security measures, including factory default usernames and passwords, while remaining constantly connected online. This gives attackers the perfect environment to build botnets capable of launching large-scale anonymous cyberattacks. Compounding the problem is the global distribution of these devices, which makes it more difficult to predict when or where the next attack will occur.
Recent attacks, such as those tied to Mozi and to HTTP/2 vulnerabilities, originated from compromised devices in countries such as the United States, Russia, Brazil, and Vietnam. In these attacks, botnets composed of hijacked routers, webcams, and servers allowed attackers to strike from virtually anywhere. This global and decentralized nature of modern threats requires organizations to reconsider and evolve their cybersecurity strategies.
Today’s attackers increasingly combine volumetric attacks with application-level exploits, targeting specific system vulnerabilities. These multifaceted tactics make detection and mitigation more complex, as multiple layers of an organization’s IT infrastructure can be attacked simultaneously. To counter these challenges, companies must take a comprehensive approach to security. Monitoring both the network infrastructure and application layers is critical to identifying and addressing vulnerabilities before hackers can exploit them.
Defend against the evolving threat
Speed and accuracy are essential when identifying and mitigating today’s DDoS attacks. Automated systems powered by real-time machine learning and artificial intelligence have become indispensable. These technologies allow organizations to detect and neutralize threats, analyze traffic patterns, and respond instantly without human intervention. This approach means that organizations can prevent attacks before they have even started, strengthening their preventive security measures beyond simply combating them in real time.
Automation is a vital tool, but it is only one piece of the puzzle. A truly effective defense requires a multi-layered security strategy that combines advanced traffic filtering, real-time analytics, and actionable threat intelligence. These systems work together to differentiate legitimate traffic from malicious activity, allowing businesses to maintain continuity without compromising performance, reliability or security. It is also important for organizations to periodically review and test their incident response plans, ensuring teams are well prepared for real-world scenarios.
A global, high-capacity, anycast network is another powerful tool in the fight against high-volume attacks. By dispersing traffic across multiple data centers around the world, this approach ensures that no single location bears the brunt of an attack, minimizing downtime and maintaining service continuity. For example, a connectivity cloud can absorb and redirect massive increases in traffic across its distributed infrastructure, providing seamless and scalable protection against even the largest DDoS campaigns.
Cloud computing services also play a critical role, acting as a buffer to absorb the impact of large-scale attacks that traditional on-premises systems cannot handle. However, organizations should carefully evaluate their vendors’ DDoS protection capabilities to ensure they can withstand the growing scale of threats.
Building a resilient future
The threat of hypervolumetric DDoS attacks is not going away. Nearly two-thirds (64%) of European business and technology leaders believe a cybersecurity incident is likely to occur over the next year, reflecting growing concern about the evolving threat landscape.
By leveraging global infrastructure, automating defenses, and layering security strategies, organizations can build the resilience needed to meet these challenges. Equally important is fostering a culture of security awareness and staying informed about emerging threats.
Cyber resilience against DDoS attacks will be a defining trait of successful organizations in the coming years. By adopting advanced tools and zero trust strategies, and by continually refining their cybersecurity posture, businesses can protect their systems and adapt to an ever-changing threat landscape.
This article was produced as part of TechRadarPro’s Expert Insights channel, where we feature the best and brightest minds in today’s tech industry. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc.