Radware Reports 168% DDoS Surge to 30 Tbps and 128% API Attack Rise
Radware reported network-layer DDoS attacks surged 168.2% year-over-year, peaking near 30 Tbps and averaging 139 daily attacks per customer in H2 2025. Web-layer attacks rose 101.4%, application/API assaults increased 128%, and bad bot traffic climbed 91.8%, highlighting escalating cyber threats.
1. Network-layer DDoS escalation
Radware’s analysis shows network-layer attacks rose 168.2% year-over-year, with peak volumes near 30 Tbps. In the second half of 2025, customers faced an average of 139 network-layer DDoS attacks per day, underscoring a resurgence of large-scale volumetric threats.
2. Web-layer attack growth
Web DDoS incidents climbed 101.4% compared to 2024, with 94.4% of attacks registering under 100,000 requests per second. Online services, financial firms and retailers were the most targeted, reflecting a shift toward rapid, hard-to-detect application-layer disruptions.
3. Application and API exploitation
Malicious web application and API transactions increased 128% year-over-year, driven by vulnerability exploitation accounting for 41.8% of attacks overall and rising to 58% in Q4 2025. Technology-driven companies with extensive API ecosystems faced the heaviest exploitation.
4. AI-driven bots and hacktivism
Bad bot activity jumped 91.8%, reaching 89.2% of all 2024 bot volume in just six months of 2025, fueled by generative AI tools. Hacktivist group NoName057 claimed a record 4,693 attacks, highlighting ideological drivers behind sustained DDoS campaigns.