Cloudflare has successfully mitigated an unprecedented DDoS (Distributed Denial of Service) attack, with a peak bandwidth of 11.5 terabits per second, which lasted approximately 35 seconds without causing any disruption to online services.
In what marks a significant milestone in cybersecurity defenses, Cloudflare effectively countered the largest recorded DDoS attack to date. The attack approached a staggering 11.5 terabits per second during its peak and was neutralized within a brief window of 35 seconds, illustrating Cloudflare’s capabilities in maintaining service integrity during substantial threats.
As reported by Cloudflare, this massive assault predominantly manifested as a UDP flood. Early assessments attributed a significant portion of the malicious traffic to Google Cloud; however, in-depth analysis indicated it was generated through a combination of compromised IoT devices and numerous cloud service providers. This complexity further underscores the evolving nature of such cyber threats.
Attacks of this magnitude aim to overwhelm internet infrastructure by inundating it with an excessive number of requests, which can incapacitate unprotected services. To contextualize this immense scale, the bandwidth involved was comparable to streaming thousands of HD films simultaneously.
This incident is indicative of an alarming trend in increasingly large DDoS attacks. Just a year prior, in June 2025, Cloudflare mitigated a 7.3 Tbps attack that delivered a staggering 37.4 terabytes of data in under a minute. The previous year also saw a notable 5.6 Tbps attack, setting a precedent for the escalating threat landscape. In fact, Cloudflare reported mitigating over 27 million attacks within the first half of 2025 alone, surpassing the total count of the previous year.
While such statistics underscore the growing scale of DDoS campaigns, experts caution that the true measure of threat lies not solely in size. William Manzione, a Product Manager at RETN, emphasized that the significance of an 11.5 terabit flood is mitigated by its brief duration; it is the persistent and complex attacks that pose the most substantial risks to operational continuity.
He further articulated that the real benchmark for effective defense in 2025 revolves around whether websites remain operational, APIs remain responsive, and businesses function uninterrupted amidst these threats. RETN has accelerated its scrubbing capacity significantly, increasing it by over 5000% to better combat contemporary multi-terabit floods.
Although Cloudflare has not disclosed the specific target of this record-breaking attack, it reassured clients that its systems absorbed the influx of malicious traffic seamlessly, highlighting the functionality of its autonomous mitigation tools in averting major disruptions.
The documented 11.5 Tbps attack reflects the ongoing escalation of tactics employed by cyber adversaries, pressing internet infrastructure to its limits. As a response, service providers are significantly investing in enhanced capacity and advanced intelligence to bolster defenses against future large-scale DDoS campaigns. Business owners concerned about cybersecurity risks can look to specialized mitigation firms to secure their operations from such evolving threats.
