Cloudflare autonomously blocked hundreds of hyper-volumetric DDoS attacks, with peaks reaching 5.1 Bpps and 11.5 Tbps. The 11.5 Tbps incident was a UDP flood that mainly originated from Google Cloud and lasted about 35 seconds. Volumetric DDoS attacks overwhelm targets with massive traffic, causing network congestion, packet loss, degraded performance, and potential outages. Many such attacks are launched from botnets composed of infected computers, IoT devices, and other machines. Akamai warns that volumetric attacks can serve as 'smoke screens' for multi-vector intrusions that aim to steal data, transfer funds, or further exploit networks. Cloudflare previously mitigated a 7.3 Tbps attack in mid-May 2025.
"Over the past few weeks, we've autonomously blocked hundreds of hyper-volumetric DDoS attacks, with the largest reaching peaks of 5.1 Bpps and 11.5 Tbps," the web infrastructure and security company said in a post on X. "The 11.5 Tbps attack was a UDP flood that mainly came from Google Cloud." The entire attack lasted only about 35 seconds, with the company stating its "defenses have been working overtime."
"The initial impact of a volumetric attack is to create congestion that degrades the performance of network connections to the internet, servers, and protocols, potentially causing outages," Akamai says in an explanatory note. "However, attackers may also use volumetric attacks as a cover for more sophisticated exploits, which we refer to as 'smoke screen' attacks. As security teams work diligently to mitigate the volumetric attack, attackers may launch additional attacks (multi-vector) that allow them to surreptitiously penetrate network defenses to steal data, transfer funds, access high-value accounts, or cause further exploitation."
Collection
[
|
...
]