A new report from Radware highlights an alarming rise in cyberattacks throughout 2024, with web-based distributed denial-of-service (DDoS) incidents increasing by a staggering 550%. The company’s 2025 Global Threat Analysis Report attributes this surge to geopolitical instability, expanding digital attack surfaces, and the increasing use of AI to automate and scale cyberattacks.
DDoS Attacks Grow in Size, Duration, and Sophistication
Radware’s data shows that both network-layer and application-layer DDoS attacks became more intense in 2024. Key findings include:
- Longer, larger DDoS campaigns – The average network-layer DDoS attack lasted 37% longer than in 2023, while attack volume grew by 120%.
- Geopolitical motivations drive web DDoS attacks – Hacktivist activity fuelled a 550% increase in Layer 7 (L7) web-based DDoS attacks, with EMEA bearing 78% of global incidents.
- Industries under siege – The financial sector saw the steepest rise in attacks, with a 393% increase in DDoS volume, followed by transportation (375%) and e-commerce (238%).
- North America faces API and web app threats – The region suffered 66% of all web application and API attacks, with vulnerability exploitation as the most common attack method.
According to Pascal Geenens, Director of Threat Intelligence at Radware, the rapid advancement of AI is playing a major role in these developments. “AI-driven attack automation is lowering the skill threshold required to launch large-scale cyber campaigns. Combined with ongoing geopolitical conflicts, this is creating a perfect storm of persistent and more dangerous threats.”
Hacktivist Groups and State-Aligned Actors Drive Cyber Conflict
Hacktivism continued to be a dominant force in the cyber threat landscape, with a 20% rise in claimed DDoS attacks. Telegram-based intelligence collected by Radware reveals:
- Ukraine was the most targeted nation, experiencing 2,052 claimed DDoS attacks.
- Israel and the U.S. were also prime targets, with 1,550 attacks against Israel and an uptick in attacks targeting American entities.
- Government institutions bore the brunt of attacks, accounting for 20% of all hacktivist activity.
Several well-known hacker groups led the charge, including:
- NoName057(16) – The most active, claiming 4,767 DDoS attacks.
- RipperSec, Executor DDoS, and Cyber Army of Russia Reborn, all of which conducted significant attack campaigns.
Expanding Attack Surfaces Create New Challenges
Beyond DDoS, attackers continued to exploit vulnerabilities in digital infrastructure. Web application and API attacks grew by 41%, with more than a third of malicious traffic leveraging known exploits. Meanwhile, Layer 7 DNS DDoS attacks surged, with DNS flood queries rising 87% year-over-year—financial services bore the brunt of these attacks, followed by healthcare and telecom.
“Organisations are facing a constantly evolving threat landscape,” warned Geenens. “Security teams must move beyond static defences and adopt adaptive, AI-driven strategies to counter these increasingly sophisticated attacks.”
Radware’s full 2025 Global Threat Analysis Report is available for download
