As digital innovation accelerates, the scale and sophistication of cyber threats, particularly distributed denial of service (DDoS) attacks, also increase. Hyper-volumetric DDoS attacks, which overwhelm systems with floods of traffic, are growing in frequency and complexity. According to our research, more than a third (37%) of European businesses have been victims of such an attack in the last year.
While disruptive in their own right, these attacks can also serve as a smokescreen for more targeted incidents, such as SQL injection attacks. While security teams tackle the immediate chaos of the DDoS attack, malicious actors can exploit unnoticed vulnerabilities.
Recently, Cloudflare mitigated a record DDoS attack peaking at 5.6 Tbps – the largest attack ever publicly disclosed. This follows a 3.6 Tbps attack earlier in the same campaign, which targeted industries including finance, telecommunications and internet service providers. Spanning an entire month, the campaign included more than 100 individual incidents, many of which exceeded 3 Tbps in volume.
For industries that rely on real-time operations, even brief downtime can cause significant financial and reputational damage. The stakes are high and organizations that are not prepared face catastrophic consequences.
Field CTO, EMEA, Cloudflare.
A global challenge in the IoT era
The proliferation of Internet of Things (IoT) devices has introduced new vulnerabilities into enterprise environments. These devices often have weak security measures, such as default usernames and passwords, while remaining constantly connected online. This creates an ideal environment for attackers to build botnets capable of launching large-scale anonymous cyberattacks. The problem is compounded by the global distribution of these devices, which makes it more difficult to predict when and where the next attack will occur.
Recent attacks, such as those involving the Mozi botnet and HTTP/2 vulnerabilities, originated from compromised devices in countries including the United States, Russia, Brazil, and Vietnam. In these attacks, botnets consisting of hacked routers, webcams, and servers allowed attackers to launch attacks from virtually anywhere. This global and decentralized nature of modern threats requires organizations to rethink and evolve their cybersecurity strategies.
Today’s attackers increasingly combine volumetric attacks with application-layer exploits, targeting specific system vulnerabilities. These multi-pronged tactics make detection and mitigation more complex because multiple layers of an organization’s IT infrastructure can be attacked simultaneously. To address these challenges, businesses must take a holistic approach to security. Monitoring network infrastructure and application layers is essential to identify and remediate vulnerabilities before hackers can exploit them.
Defending against the evolving threat
Speed and accuracy are essential to identifying and mitigating today’s DDoS attacks. Automated systems powered by real-time machine learning and artificial intelligence have become indispensable. These technologies enable organizations to detect and neutralize threats, analyze traffic patterns, and respond instantly without human intervention. This means organizations can prevent attacks before they even begin, strengthening their preventative security measures rather than simply combating attacks in real time.
Automation is an essential tool, but it’s only one piece of the puzzle. A truly effective defense requires a multi-layered security strategy combining advanced traffic filtering, real-time analytics and actionable threat intelligence. These systems work together to differentiate legitimate traffic from malicious activity, allowing businesses to maintain continuity without compromising performance, reliability or security. It is also important for organizations to regularly review and test their incident response plans, to ensure teams are well prepared for real-world scenarios.
A high-capacity global Anycast network is another powerful tool in the fight against high-volume attacks. By distributing traffic across multiple data centers around the world, this approach ensures that no single location bears the brunt of an attack, minimizing downtime and maintaining service continuity. For example, a connectivity cloud can absorb and redirect massive traffic spikes through its distributed infrastructure, providing seamless and scalable protection against the largest DDoS campaigns.
Cloud computing services also play a vital role, acting as a buffer to absorb the impact of large-scale attacks that traditional on-premises systems cannot handle. However, organizations should carefully evaluate their vendors’ DDoS protection capabilities to ensure they can withstand the growing scale of threats.
Building a resilient future
The threat of hyper-volumetric DDoS attacks is not going away. Nearly two-thirds (64%) of European business and technology executives believe a cybersecurity incident is likely in the next year, reflecting growing concern over the evolving threat landscape.
By leveraging global infrastructure, automating defenses, and layering security strategies, organizations can build the resilience needed to face these challenges. Equally important is fostering a culture of security awareness and staying informed about emerging threats.
Cyber resilience in the face of DDoS attacks will be a defining trait of successful organizations in the years to come. By adopting advanced tools, embracing Zero Trust strategies, and continually refining their cybersecurity posture, businesses can protect their systems and adapt to an ever-changing threat landscape.
This article was produced as part of TechRadarPro’s Expert Insights channel, where we feature the best and brightest minds in today’s technology industry. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc.