In the first half of 2025, the number of DDoS attacks on Russian companies increased by more than 60% compared to the same period in 2024. They are becoming not only more frequent but also more complex. Attackers use multi-vector methods and adapt in real time, seeking to inflict maximum damage.
According to analysts at Curator, 5.4 thousand attacks were recorded in the first half of the year, which is significantly more than 3.5 thousand in 2024. Their main targets remain the same: the financial sector (22.3%), IT and telecom (21%), and e-commerce (20.9%). The record intensity of attacks reached 965 Gbps, especially in the bookmaker segment.
Cybersecurity experts note that the capacity of attacks has increased. Attackers have switched to higher quality methods. Attacks at the network and transport layers increased by 58%, and at the application layer — by 62.6%. There is an increase in multi-vector attacks by 43%, but their average duration has decreased from 120 to 23 minutes.
An analysis by Roskomnadzor shows that about 65% of malicious traffic comes from abroad, mainly from Indonesia, the USA, Germany, and the Netherlands. Attackers use masking techniques, which makes it difficult to determine the sources of attacks.
According to experts, the reasons for the attacks may vary: from political motives to attempts to harm competitors. This is especially true for companies in the sports betting sector, which become victims of unfair competitors. At the same time, many DDoS attacks serve as a "smokescreen" for more targeted attacks on web applications.
Cybercriminals also adapt during the attack, changing tactics depending on the effectiveness of the defense. This creates additional difficulties for companies that seek to protect their systems from threats.
Read more on the topic:
The Ministry of Digital Development has launched the third stage of vulnerability hunting
The number of cyberattacks on "Gosuslugi" has stopped growing
Hackers have learned to attack clients of Russian banks through new special software
