Cybersecurity firms like Cloudflare are increasingly encountering record-breaking distributed denial-of-service (DDoS) attacks. These attacks, designed to overwhelm a network with massive amounts of traffic, are becoming more powerful and frequent. Earlier this month, Cloudflare mitigated what was then the largest DDoS attack on record, an 11.5 Tbps UDP flood. This specific attack, which originated primarily from Google Cloud, was part of a larger, ongoing series of attacks that lasted for several weeks.
In the second quarter of 2025 alone, Cloudflare’s systems automatically blocked the largest reported DDoS attacks to date, with one peaking at 7.3 Tbps and 4.8 billion packets per second (Bpps). The relentless nature of these attacks highlights a growing trend of more sophisticated and large-scale cyber threats targeting businesses and organizations worldwide. The speed and intensity of these attacks are a serious challenge for cybersecurity professionals.
The most recent DDoS attack that Cloudflare mitigated reached an unprecedented peak of 22.2 Tbps, surpassing the previous record by 12%. This makes it a full 1 Tbps larger than the largest attack documented by the notable cyber journalist Brian Krebs. This significant increase in scale demonstrates the rapid evolution of attack vectors and the necessity for equally advanced defense mechanisms to protect internet infrastructure.
To put the sheer size of these attacks in perspective, the 7.3 Tbps DDoS attack alone blasted 37.4 terabytes (TB) of data in just 45 seconds. This volume is the equivalent of streaming over 9,350 high-definition movies or downloading 9.35 million songs in under a minute. The amount of data is also comparable to a year’s worth of non-stop HD video streaming or 4,000 years of daily high-resolution photos, all condensed into an incredibly short timeframe.
This rise in large-scale DDoS attacks signals a major shift in the threat landscape. The attacks are not only becoming more frequent but are also escalating in magnitude, requiring robust and scalable defense systems. The continuous need for mitigation highlights the ongoing battle between cyber attackers and security firms. As long as the internet remains a critical part of global commerce and communication, these attacks will likely continue to push the boundaries of what’s possible, forcing security providers to constantly innovate their defense strategies.
Reference:
