Reflecting on 2025, NetScout states that global tensions and geopolitical conflicts shaped many of the year’s headlines, with the combats between Israel–Hamas and Russia–Ukraine taking centre stage. These events not only took place in the physical world, but also extended into the digital realm, creating unprecedented risks for organisations globally.

According to NetScout’s latest Threat Intelligence Report, threat actors launched more than 8 million distributed denial-of-service (DDoS) attacks globally in the first half of 2025 alone. This activity was fuelled by two types of ammunition: geopolitical hacktivism and artificial intelligence (AI)-enhanced automation.

High-profile DDoS attack activity that took place this year globally included:

• More than 1,400 cyberattacks during the World Economic Forum in Switzerland – double normal rates when compared to similar time periods in December
• Notable surge in DDoS attacks during May’s conflict between India and Pakistan, with hacktivist groups such as SYLHET GANG-SG and Keymous+ targeting the Indian government and financial sectors
• A barrage of DDoS attacks against Iranian targets, mirroring the intensified relations between Israel and Iran in June

Amid these escalating cyberthreats, the need for immediate, proactive defense measures has never been greater. Richard Hummel, threat intelligence lead for NetScout, explores how geopolitical hacktivism and AI shaped 2025’s DDoS activity – and what organisations can do to protect themselves:

“2025 paints a sobering picture of DDoS prevalence. Geopolitical unrest was a consistent driving force behind attacks; threat actors capitalised on periods of civil unrest and conflict to further their acts of political activism. This paved gateways for geopolitical tensions to bleed from the physical battleground to the digital,” said Hummel.

“Meanwhile, AI reshaped the DDoS landscape. DDoS-for-hire services now use AI-enhanced automation, enabling threat actors to launch more sophisticated attacks in a matter of minutes. Cybercriminals have even started integrating AI assistants into these platforms², allowing users to describe their objectives to chatbots in natural language instead of having to understand complex technical concepts. This has democratised DDoS attacks, lowering the skill barrier for novice hacktivists and widening the threat spectrum.”

“Looking ahead, geopolitical DDoS hacktivism and AI-driven attacks show no signs of relenting. Organisations must respond with proactive, intelligence-driven mitigation to stay ahead of geopolitical hacktivists and increasingly sophisticated AI-powered DDoS campaigns. This involves employing advanced DDoS protection and real-time threat intelligence. To counter AI-enhanced attacks, enterprises can fight fire with fire and use AI to bolster their DDoS defences. A proactive, AI-driven approach starts with advanced monitoring tools that use automation to detect patterns of automated behaviour,” Hummel concluded.

Other posts by :

1. Bank: Opportunities for SES and Eutelsat
2. Bank: SES outperforming
3. AST SpaceMobile confirms 2026 launch schedule
4. AST SpaceMobile: “Good for indoor reception”
5. EchoStar booms on SpaceX holding
6. Norway wants a satellite constellation
7. Crossroads backs AST SpaceMobile
8. FCC examines SpaceX’s 15,000 sat-constellation plan
9. EchoStar: “Severe uncertainty” led to spectrum sales

Categories: AI, Articles, Broadband, Research

Tags: AI, ddos, NetScout, russia