CyberSecurityBoard
Sponsor Register Login

Cloudflare mitigates record number of DDoS attacks in 2025

Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase. However, 2025 is looking to be an even bigger problem for online entities and companies, with Cloudflare already responding to 20.5 million DDoS attacks in just the first quarter of 2025. "Of the 20.5 million DDoS attacks, 16.8M were network-layer DDoS attacks, and of those 6.6M targeted Cloudflare's network infrastructure directly," explains Cloudflare. Meanwhile, the trend of hyper-volumetric attacks continued unabated, with Cloudflare recording over 700 attacks that surpassed bandwidths of 1 Tbps (terabit per second) or packet rates of 1 billion packets per second. Cloudflare says it identified two emerging threats in 2025 Q1, namely Connectionless Lightweight Directory Access Protocol (CLDAP) and Encapsulating Security Payload (ESP) reflection/amplification attacks. One attack highlighted in Cloudflare's report, which occurred during 2025 Q1, concerns a US-based hosting provider that offers services to multiplayer gaming servers for Counter-Strike GO, Team Fortress 2, and Half-Life 2: Deathmatch. The previous record, also reported by Cloudflare, was a 5.6 Tbps DDoS attack attributed to a Mirai-based botnet comprising 13,000 devices. These attacks include Cloudflare itself, whose infrastructure was targeted directly in 6.6 million attacks over an 18-day multi-vector campaign. Gaming servers are popular targets for DDoS attacks, as the disruption can be highly damaging and impactful for publishers and entire player communities. The attack was 'hyper volumetric,' reaching 1.5 billion packets per second, though Cloudflare says it was still mitigated. The hyper-volumetric attacks that fall into these categories averaged eight daily during the year's first quarter, and the total count doubled compared to the previous quarter. Cloudflare explains that UDP in CLDAP requires no handshake, allowing IP spoofing, which the attackers exploit by forging the source IP address to reflect massive amounts of traffic to their target.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 28 Apr 2025 14:05:00 +0000


Cyber News related to Cloudflare mitigates record number of DDoS attacks in 2025

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Cloudflare mitigates record number of DDoS attacks in 2025 - Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase. However, 2025 is looking to be an even bigger problem for online ...
2 hours ago Bleepingcomputer.com
Why every company needs a DDoS response plan - Today's DDoS attacks are not what they were even a few years ago, and we continue to see DDoS attacks that are framed as the largest in history. As a result, large organizations need adaptive, multilayered defense capabilities that can respond just ...
9 months ago Helpnetsecurity.com
The Rise of DDoS Attacks in Q3, 2023: Are You Prepared? - The Indusface AppSec Q3, 2023 Report reveals a staggering 67% surge in DDoS attacks compared to the previous quarter, highlighting a concerning trend with profound impacts on various industries. Over 41% of websites have shown signs of DDoS attacks ...
1 year ago Cybersecuritynews.com CVE-2023-44487 Cloak
Cloudflare discloses breach related to stolen Okta data - Last fall, Cloudflare announced it mitigated an attempted cyberattack stemming from the infamous Okta breach. Cloudflare disclosed in a blog post that it had been breached by an unnamed nation-state threat actor using an access token and three ...
1 year ago Techtarget.com
The State of DDoS Attacks: Evolving Tactics and Targets Businesses Must Be Aware Of - Now, these attacks are becoming more dangerous, targeted, and detrimental as they evolve. As DDoS attacks become more sophisticated, adversaries are able to hone in on the most vulnerable targets, ranging from small- and medium-sized businesses to ...
1 year ago Cyberdefensemagazine.com
How to Prepare for DDoS Attacks During Peak Business Times - One common tactic that many security practitioners have witnessed is carrying out distributed denial-of-service attacks during peak business times, when companies are more likely to be short-staffed and caught unawares. While DDoS attacks are a ...
1 year ago Darkreading.com
Cloudflare Dashboard and APIs down after data center power outage - An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces customers use to manage and read service configurations. The complete list of services whose ...
1 year ago Bleepingcomputer.com
How to Prevent DNS Attacks: DNS Security Best Practices - To protect against attack, best practices must be applied to protect the DNS protocol, the server on which the DNS protocol runs, and all access to the DNS processes. Implementing these best practices will not only protect DNS but also network ...
1 year ago Esecurityplanet.com
In Cybersecurity and Fashion, What's Old Is New Again - While distributed denial-of-service attacks and zero-day threats are nothing new in cybersecurity, they're still happening regularly for a simple reason: They work. In early November 2023, OpenAI blamed a DDoS attack for intermittent ChatGPT issues, ...
1 year ago Darkreading.com
How to Arm Yourself With CloudFlare Security Solutions - Securing your website or digital asset is a critical part of running a successful business or website. With the rise of the digital era, the need to protect yourself from cyber-attacks is essential. That's why CloudFlare, the leading cloud solution ...
2 years ago Blog.cloudflare.com
Security Series: Protecting the Edge Against DDoS Attacks with a Simplified Integrated Solution - An unprecedented increase in distributed-denial-of-service attacks in recent years has resulted in lost revenue and productivity, increased ransomware costs, and impacted service-level agreements for network operators. According to Zayo Group's ...
1 year ago Feedpress.me
VPN to protect against DDoS attacks on Twitch - Swarming or DDoS attacks pose a threat to streamers. Your data goes through a secure server, making it harder for attackers to target your actual IP address. A distributed denial-of-service attack globally harasses and attacks legitimate users and ...
1 year ago Itsecurityguru.org
Essential DDoS statistics for understanding attack impact - The impact of DDoS attacks extends far beyond mere inconvenience, as they can result in financial losses, compromised data, and erosion of customer trust. Understanding the nature and consequences of DDoS activity is essential for organizations and ...
1 year ago Helpnetsecurity.com
Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator - The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator, according to ...
9 months ago Bleepingcomputer.com
Understanding the Escalating Threat of Web DDoS Tsunami Attacks - Whether it's hacktivists conducting cyberwarfare or ransom-seeking criminals targeting vulnerable firms in financial services, retail, energy, or transportation, a new breed of destructive distributed denial of service attack - the Web DDoS Tsunami - ...
1 year ago Cyberdefensemagazine.com
DDoS Attacks on Rappler Linked to Proxy Service Providers in US and Russia - Qurium, the Swedish media foundation and human rights watchdog leading the investigation into these DDoS attacks implicates FineProxy and RayoByte in facilitating the attacks. On November 30, 2023, Rappler, the leading digital media company in the ...
1 year ago Hackread.com
Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps - Typically, threat actors launching DDoS attacks rely on large networks of infected devices (botnets) or look for ways to amplify the delivered data at the target, which requires a smaller number of systems. After scanning the public internet for ...
6 months ago Bleepingcomputer.com
Cybersecurity and Infrastructure Security Agency Reports Minimal Impact of Killnet Distributed Denial of Service Attacks on American Hospitals - The Cybersecurity and Infrastructure Security Agency (CISA) reported that it had assisted numerous hospitals in responding to a series of distributed denial-of-service (DDoS) attacks last week, which were launched by a pro-Kremlin hacking group known ...
2 years ago Therecord.media
Cloudflare publishes details of Thanksgiving security breach The Register - Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October. In a write-up on Thursday, CEO Matthew Prince, CTO John ...
1 year ago Go.theregister.com
Russian state-owned Sberbank hit by 1 million RPS DDoS attack - Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service attack in recent history. Sberbank is a majority state-owned banking and financial services company and the ...
1 year ago Bleepingcomputer.com
Pro-Russian DDoS Attacks Alarm Denmark and US - Distributed denial-of-service (DDoS) attacks by pro-Russian hacking groups have caused alarm in the US and Denmark after several incidents affected websites of hospitals and government offices in both countries. On Tuesday, Denmark announced that it ...
2 years ago Therecord.media
87% of DDoS Attacks Targeted Windows OS Devices in 2023 - Computers and servers became the primary target of attacks, making up 92% of DDoS attempts, compared to only 68% in the previous year. Attacks are also becoming shorter and less frequent, but more powerful. While the overall count in attack frequency ...
11 months ago Darkreading.com
Recently patched CUPS flaw can be used to amplify DDoS attacks - As Akamai security researchers found, a CVE-2024-47176 security flaw in the cups-browsed daemon that can be chained with three other bugs to gain remote code execution on Unix-like systems via a single UDP packet can also be leveraged to ...
6 months ago Bleepingcomputer.com CVE-2024-47176
Hackers are Launching DDoS Attacks During Peak Business Hours - Many security practitioners have seen distributed denial-of-service attacks carried out during peak business hours, when firms are more likely to be understaffed and caught off guard. DDoS attacks are a year-round threat, but we've seen an increase ...
1 year ago Cysecurity.news

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)