DDoS attacks on AI firms surge 347% amid rising public scrutiny
Distributed denial-of-service (DDoS) attacks targeting artificial intelligence companies soared by as much as 347% month-on-month in September 2025.
The steep increase coincided with heightened public debate and regulatory scrutiny around AI following polls and government reviews in the UK.
Attack surge
Cloudflare detected and mitigated 8.3 million DDoS attacks globally in the third quarter of 2025, a 15% rise on the previous quarter and a 40% increase year-on-year. This equates to nearly 3,800 attacks each hour, underscoring the expanding scale of such threats.
By the close of Q3, the company had blocked 36.2 million attacks so far in 2025, already exceeding last year's figure by 70% with a quarter remaining.
Aisuru botnet impact
The Aisuru botnet played a significant role in this increase, with an estimated 1-4 million infected hosts worldwide. Aisuru's activity grew by 54% quarter-on-quarter, launching an average of 14 hyper-volumetric attacks daily. The botnet executed attacks surpassing 1 terabit per second and 1 billion packets per second, with peaks reaching 29.7 Tbps and 14.1 Bpps. These volumes are capable of causing widespread disruption, even affecting internet infrastructure not directly targeted.
Segments targeted by Aisuru included telecommunications, gaming, hosting providers and financial services. The effects were widespread, reportedly disrupting parts of the US Internet infrastructure by overwhelming ISPs with sheer traffic volume. Portions of Aisuru have also been offered as botnet-for-hire services, enabling large-scale attacks for relatively low cost.
Attack methods
Network-layer attacks overwhelmingly dominated in the third quarter, accounting for 71% of attacks and representing an 87% increase quarter-on-quarter. HTTP-targeted attacks decreased by 41% over the period. Attacks exceeding 100 million packets per second grew by 189% over the previous quarter, and those topping 1 Tbps rose by 227%.
Most attacks were short-lived, with 71% of HTTP attacks and 89% of network-layer attacks ending within 10 minutes. Despite their brevity, these attacks caused significant operational challenges, requiring lengthy recovery procedures for affected organisations.
Industry and regional targets
AI companies were among the largest targets in the third quarter, reflecting broader public anxiety and oversight of automation and generative AI. Mining, minerals and metals, as well as the automotive sector, also experienced significant surges in attack volumes. The automotive sector leaped 62 spots to become the sixth most attacked industry globally, while mining and metals rose 24 spots to rank 49th.
Geopolitical tensions, such as EU-China disputes over electric vehicle tariffs and rare earth exports, coincided with these sectors seeing more attacks. The cybersecurity industry itself experienced a notable increase, climbing 17 places to become the 13th most attacked sector.
Countries experiencing protest movements - such as the Maldives, France, and Belgium - also recorded large jumps in attack frequency.
The Maldives saw the highest overall increase, climbing 125 places to 38th globally. France rose 65 spots following widespread industrial actions, while Belgium rose 63 places amid mass protests.
Attack origination
Asia remained the leading source of DDoS attacks, with Indonesia ranked as the largest origin globally for over a year. The proportion of HTTP DDoS attacks from Indonesia has climbed by nearly 32,000% over five years. China retained its place as the most-attacked country, followed by Turkey, Germany, the United States, and the Philippines, with the US and Philippines making notable leaps within the top ten.
Changing tactics
The rise in DDoS sophistication was also reflected in attack vectors. UDP-based attacks, a favoured method of Aisuru, increased by 231%. DNS, SYN, and ICMP floods were responsible for over half of all network-layer attacks. Meanwhile, HTTP floods originated predominantly from known botnets, with a portion arising from fake browsers and suspicious traffic patterns.
"Chunks of Aisuru are offered by distributors as botnets-for-hire, so anyone can potentially inflict chaos on entire nations by crippling backbone networks and saturating Internet links, disrupting millions of users and impairing access to essential services - all at a cost of a few hundred to a few thousand U.S. dollars," said Krebs on Security.