Record 31.4 Tbps DDoS Hits Major Service – Lessons for Defenders

In Q4 2025 Cloudflare logged a 31.4 Tbps distributed denial‑of‑service assault, the largest ever measured. The multi‑vector attack combined UDP‑reflection, TCP SYN floods, and HTTP‑based amplification, leveraging a botnet of compromised IoT devices and misconfigured servers across dozens of continents. The traffic peaked for several minutes before being throttled by Cloudflare’s tier‑1 scrubbing infrastructure.

Defenders must note that traditional on‑prem firewalls and bandwidth limits are insufficient against petabit‑scale floods. The mitigation required over‑provisioned edge capacity, real‑time traffic profiling, and automated diversion to upstream scrubbing centers. Organizations should reassess their DDoS response playbooks, ensure layered defenses, and partner with providers that can absorb extreme volumes to avoid service outage and reputational damage.

Categories: Threat Intelligence, AI Security & Threats, Malware & Ransomware

Source: Read original article