Targeted by 20.5 million DDoS attacks, up 358% year-over-year: Cloudflare’s 2025 Q1 DDoS Threat Report
DDoS attacks are surging. In 2025 Q1, Cloudflare blocked +20M attacks (a 358% YoY spike) along with 5.6 Tbps and 4.8 Bpps record-breaking attacks.
TAG
DDoS attacks are surging. In 2025 Q1, Cloudflare blocked +20M attacks (a 358% YoY spike) along with 5.6 Tbps and 4.8 Bpps record-breaking attacks.
Welcome to the 18th edition of the Cloudflare DDoS Threat Report. Released quarterly, these reports provide an in-depth analysis of the DDoS threat landscape as observed across the Cloudflare network. This edition focuses on the second quarter of 2024
Here is a reading list with 2023 trends, what you need to know about attacks, and a guide on how to stay protected using Cloudflare
In 2022, cybersecurity, more than ever, is a must-have for those who don’t want to take chances on getting caught in a cyberattack with difficult to deal with consequences. Here’s a reading list what you need to know about attacks that is also a guide on how to be protected
Welcome to our 2022 Q2 DDoS report. This report includes insights and trends about the DDoS threat landscape — as observed across the global Cloudflare network
Welcome to our first DDoS report of 2022, and the ninth in total so far. This report includes new data points and insights both in the application-layer and network-layer sections — as observed across the global Cloudflare network between January and March 2022
In Q4, we observed a 95% increase in L3/4 DDoS attacks and record-breaking levels of Ransom DDoS attacks. The Manufacturing industry was the most targeted alongside a 5,800% increase in SNMP-based DDoS attacks and massive campaigns against VoIP providers around the world
Over the past months, we’ve been tracking and analyzing the activity of the Meris botnet.
In Q3, 2021 we saw and mitigated record-setting HTTP DDoS attacks, terabit-strong network layer attacks, one of the largest botnets ever deployed (Meris), and more recently, ransom attacks on Voice-over-IP (VoIP) service providers.
Because of the sustained attacks we are observing, we are sharing details on recent attack patterns, what steps they should take before an attack, and what to do after an attack has taken place.
Over the past month, multiple Voice over Internet Protocol (VoIP) providers have been targeted by Distributed Denial of Service (DDoS) attacks from entities claiming to be REvil.
Cloudflare is excited to announce our Back to School initiative that provides special K-12 Education pricing to help school districts stop cyber attacks while improving web performance.
The DDoS attack trends observed over Cloudflare’s network in 2021 Q2 paint a picture that reflects the overall global cyber threat landscape. Here are some highlights of DDoS attack trends observed in 2021 Q2.
Imagine your most critical systems suddenly stop operating. And then someone demands a ransom to get your systems working again. Or someone launches a DDoS against you and demands a ransom to make it stop. That’s the world of ransomware and ransom DDoS.
DDoS attack trends in the final quarter of 2020 defied norms in many ways. For the first time in 2020, Cloudflare observed an increase in the number of large DDoS attacks. Specifically, the number of attacks over 500Mbps and 50K pps saw a massive uptick.
In late 2020, a major Fortune Global 500 company was targeted by a Ransom DDoS (RDDoS) attack by a group claiming to be the Lazarus Group. Cloudflare quickly onboarded them to the Magic Transit service and protected them against the lingering threat.
In Q3 ‘20, Cloudflare observed a surge in DDoS attacks, with double the number of DDoS attacks and more attack vectors deployed than ever — with a notable surge in protocol-specific DDoS attacks such as mDNS, Memcached, and Jenkins amplification floods.