DigiCert released its first RADAR Threat Intelligence Brief, a quarterly publication delivering data-driven insights on emerging cyber threats. Drawing from trillions of network events across DigiCert’s global security platform, including UltraDNS, UltraDDoS Protect, and UltraWAF, RADAR provides one of the most comprehensive views of today’s evolving threat landscape.
The Q3 2025 RADAR brief highlights an unprecedented surge in distributed denial-of-service (DDoS) attacks that reached “internet tsunami” scale, with two events peaking at 2.4 terabits per second (Tbps) and 3.7 Tbps respectively. These attacks underscore a fundamental shift in cyber warfare where the internet itself becomes both the weapon and the battlefield.
Top Findings from the Q3 2025 DigiCert RADAR:
DDoS Attacks Reach Record Scale: DigiCert’s UltraDDoS Protect network absorbed multiple multi-terabit attacks—the largest seen to date—while preventing an estimated 3,000 hours of potential website downtime for customers.
Geopolitical Realignment Fuels Cyber Risk: Attack traffic increasingly originates from regions where digital infrastructure is outpacing regulation, with Vietnam, Russia, Colombia, and China ranking among the top five sources.
Higher Education Targeted: September saw a significant rise in DDoS attacks on universities and academic networks, ranking higher than financial services and IT/Software services, timed with peak enrollment periods and open campus infrastructures.
Automation Drives Modern Threats: Malicious web activity rose from 51% in July to 73% in September, with 32 million bot violations recorded in September alone, confirming that automation now powers most large-scale attacks.
FormErr Spike Highlights DNS Interdependence: DNS errors caused by misconfigurations jumped 22,000% mid-quarter, reflecting how quickly issues can ripple across the internet.
“Attackers are not just choosing between precision and scale anymore, they’re mastering both,” said Michael Smith, AppSec CTO at DigiCert. “Our data shows that targeted precision attacks dominated two of the three months, while large-scale carpet-bombing campaigns surged in August, accounting for 65% of all incidents. As threats grow more complex, organizations need visibility that spans infrastructure, applications and identity to stay resilient.”
Smith added, “We also saw that the United States bore the brunt of these attacks, accounting for 58% of global DDoS activity, with the United Kingdom (11%) and Saudi Arabia (11%) also heavily targeted. Adversaries are focusing their firepower on critical infrastructure and geopolitically significant regions, those where disruption has the greatest ripple effect.”
𝐒𝐭𝐚𝐲 𝐢𝐧𝐟𝐨𝐫𝐦𝐞𝐝 𝐰𝐢𝐭𝐡 𝐨𝐮𝐫 𝐥𝐚𝐭𝐞𝐬𝐭 𝐮𝐩𝐝𝐚𝐭𝐞𝐬 𝐛𝐲 𝐣𝐨𝐢𝐧𝐢𝐧𝐠 𝐭𝐡𝐞 WhatsApp Channel now! 👈📲
𝑭𝒐𝒍𝒍𝒐𝒘 𝑶𝒖𝒓 𝑺𝒐𝒄𝒊𝒂𝒍 𝑴𝒆𝒅𝒊𝒂 𝑷𝒂𝒈𝒆𝐬 👉 Facebook, LinkedIn, Twitter, Instagram
