BylinesThreat Detection & Defense

Cloudflare Perspective: Preparing for 2026 and Relentless DDoS Attacks

Reflecting a Fundmentally Changing Cyber Threat Landscape Marked by the Escalation of DDoS Attacks

The cyber threat landscape has fundamentally shifted, marking our entry into an era where DDoS attacks are escalating in both magnitude and complexity to levels previously unimaginable. Today, these attacks do not just overwhelm bandwidth; they disrupt critical application workflows, degrade customer experience, and, in many cases, serve as a means to execute data theft or ransomware deployments.

In the third quarter of 2025 alone, our autonomous defences blocked 8.3 million DDoS attacks. That is an average of almost 3,780 DDoS attacks per hour. In fact, the number of DDoS attacks grew by 15% QoQ and 40% YoY.

The Aisuru botnet came with a massive army of an estimated 1–4 million infected hosts globally. Aisuru unleashed hyper-volumetric DDoS attacks routinely exceeding 1 terabit per second (Tbps) and 1 billion packets per second (Bpps). The scale was unprecedented, with attacks peaking at 29.7 Tbps and 14.1 Bpps. In addition, DDoS attack traffic against Artificial Intelligence (AI) companies surged by as much as 347% MoM in September 2025. And, when we look at Asia, seven out of the top ten attack sources originate within the region, with Indonesia in the lead. The market has been the world’s largest source of DDoS attacks since Q3 2024. China remained the most attacked, and the Philippines saw the largest increase in attacks, jumping by 20 spots in Q3.

Adapting to Escalating DDoS Attacks and a Changing Cyber Threat Landscape

Looking ahead to 2026, adaptability will be the defining factor in planning security infrastructure. As attackers refine their techniques and adopt tools to evade defences, organisations in Asia must embrace an adaptive security architecture—one that learns from evolving threats and autonomously predicts and responds to attacks.

This means the responsible use of AI- and ML-powered tools in security will become a critical boardroom discussion in the next year, as they form a core component of that adaptive, intelligence-driven architecture. With these tools, organisations can analyse vast amounts of network data to identify subtle attack patterns and anomalies that traditional systems might miss. They also grant IT teams the ability to learn from each new attack, applying new policies or rules to mitigate threats in seconds.

Cyber threats will only become more sophisticated, and organisations will continue to operate in an increasingly complex environment. The year ahead will demand greater resilience, but with an adaptive, intelligence-driven security architecture, organisations can stay one step ahead.

Goran Risticevic

Vice President and Managing Director, Asia Pacific, at Cloudflare

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *