DDoS Attacks Escalate Into Geopolitical Weapons, NETSCOUT Warns

Bengaluru, August 28: Distributed Denial-of-Service (DDoS) attacks are increasingly being weaponized to destabilize critical infrastructure worldwide, according to new research released by NETSCOUT Systems. The company on Thursday said it tracked more than 8 million DDoS attacks in the first half of 2025, including 3.2 million in the EMEA region, and warned that AI integration and hacktivist campaigns have created “unprecedented risks” for organizations.

Hacktivist groups such as NoName057(16) orchestrated hundreds of strikes each month, targeting communications, transport, energy, and defense sectors. The rise of DDoS-for-hire services has lowered barriers for novice attackers, while botnets of compromised IoT devices and servers delivered sustained, multi-vector assaults. In March, daily botnet-driven attacks averaged 880, peaking at 1,600, with durations stretching to 18 minutes.

Key incidents included a 3.12 Tbps attack in the Netherlands and a 1.5 Gpps strike in the US. Regional conflicts also amplified threats: India’s government and financial sectors faced hacktivist barrages amid the India-Pakistan standoff in May, while more than 15,000 attacks targeted Iran and nearly 300 targeted Israel during June’s Iran-Israel clashes.

Richard Hummel, director of threat intelligence at NETSCOUT, cautioned that traditional defenses are insufficient. “The integration of AI assistants and large language models such as WormGPT and FraudGPT escalates the concern,” he said. Despite a recent takedown of NoName057(16), Hummel noted that its return “is not guaranteed to be prevented”.

NETSCOUT said it monitors tens of thousands of daily attacks through its vantage points, protecting two-thirds of routed IPv4 space carrying peak traffic over 800 Tbps. The company urged organizations to adopt intelligence-driven defenses to withstand increasingly automated and complex DDoS campaigns.