NETSCOUT Reveals Rising Global DDoS Attacks

News Desk - 27/08/2025

NETSCOUT® SYSTEMS, INC. (NASDAQ: NTCT) has released its latest research on the evolving Distributed Denial-of-Service (DDoS) attack landscape. The company reported that it monitored more than 8 million DDoS attacks globally in the first half of 2025, including over 3.2 million in EMEA.

The research revealed that DDoS attacks are now precision-guided tools of geopolitical influence. Hacktivist groups, such as NoName057(16), orchestrated hundreds of coordinated attacks each month. Key targets included communications, transportation, energy, and defense sectors.

The study highlighted that DDoS-for-hire services have made attack tools accessible to novice actors. AI-driven automation, multi-vector strikes, and carpet bombing techniques are challenging traditional defenses. Botnets compromised tens of thousands of IoT devices, servers, and routers, causing widespread disruption.

Key findings from the report include:

NETSCOUT observed over 50 attacks greater than a terabit-per-second (Tbps) and multiple gigapacket-per-second (Gpps) attacks, including a 3.12 Tbps attack in the Netherlands and a 1.5 Gpps attack in the United States.
Geopolitical tensions fueled unprecedented attacks. The India-Pakistan conflict saw strikes on Indian government and financial sectors in May, while the Iran-Israel conflict triggered more than 15,000 attacks on Iran and 279 on Israel in June.
Botnet-driven attacks became more sophisticated, peaking at 1,600 daily incidents in March with an average duration of 18 minutes.

Richard Hummel, Director of Threat Intelligence at NETSCOUT, stated, “As hacktivist groups leverage more automation and evolving tactics, traditional defenses are no longer sufficient. AI assistants and large language models, like WormGPT and FraudGPT, escalate this threat. Intelligence-driven DDoS defenses are essential.”

NETSCOUT monitors two-thirds of the routed IPv4 space and protects network edges that handled global peak traffic of over 800 Tbps in 1H2025. The company tracks tens of thousands of daily attacks, following multiple botnets and DDoS-for-hire services using millions of compromised devices.