ai-powered ddos — Cyprus must prepare for the rising threat of AI-powered DDoS attacks, as outlined in the latest quarterly report from cybersecurity firm Qrator Labs. The Q3 2025 DDoS Intelligence Report highlights a significant shift in the cyber threat landscape, where artificial intelligence is driving the expansion of massive botnets capable of launching automated attacks on an unprecedented scale.
Ai-powered ddos: AI Tools Fueling Cyber Attacks
According to Qrator Labs, the firm has been monitoring a botnet comprising 5.76 million compromised devices over the past six months. The majority of these vulnerable systems are located in Brazil, Vietnam, the United States, India, and Argentina. This alarming trend signifies that attackers now possess the ability to locate and exploit vulnerable devices more efficiently than ever before.
Escalation of DDoS Attacks
Andrey Leskin, Chief Technology Officer at Qrator Labs, pointed out that while the prevalence of vulnerable devices is not new, the velocity at which attackers can exploit them has dramatically improved due to AI advancements. He noted, “The sheer number of vulnerable devices is nothing new — we’ve seen this before in previous years. What has changed in 2025 is that attackers can now find and capture them much faster and more efficiently, thanks to AI.” Last year, the largest recorded DDoS botnet included around 227,000 devices. The current landscape shows a staggering increase, with attackers now capable of harnessing networks that are approximately 25 times larger.
Diverse Sectors Under Attack
The report also indicates that the financial technology sector has become a prime target, accounting for 26.1% of all DDoS attacks in the third quarter of 2025. E-commerce follows closely behind at 22.0%, with the media sector at 15.8%, and information and communication technology making up 14.5% of attacks. Notably, the most powerful DDoS attack recorded this quarter targeted an e-commerce firm, reaching an unprecedented 1.15 Tbps, surpassing the previous year’s peak of 1.14 Tbps.
Emergence of New Threats
Qrator Labs’ findings reveal that Brazil has emerged as the largest source of application-layer (L7) DDoS attacks, constituting 19% of all malicious traffic in the third quarter. In contrast, Vietnam has seen a substantial rise, moving from 15th to 4th place globally as a source of DDoS attacks. This shift reflects a broader trend where emerging markets are becoming significant contributors to the global DDoS infrastructure.
Risks for Cyprus’s Tech Ecosystem
Leskin emphasised the serious implications for Cyprus, especially given the island’s expanding technology sector. He stated, “Cyprus is home to a growing number of innovative technology companies. These firms need to pay close attention to emerging cyber threats, including AI-driven DDoS attacks.” Many Cypriot tech companies are in competitive markets and rely heavily on AI computations, often through platforms like ChatGPT or proprietary machine learning models. This reliance creates new vulnerabilities at the application level.
Financial and Operational Consequences
Leskin warned that the financial implications of such attacks can be severe, even for cloud-based infrastructures. Companies may incur substantial bills for processing malicious traffic, which can be detrimental for young technology businesses lacking a financial cushion. “Even if the infrastructure is deployed in the cloud with potentially limitless resources and does not go offline under load, the company will still receive a substantial resource consumption bill afterward,” he explained.
Recent Service Disruptions Highlight Vulnerabilities
Recent service disruptions in Cyprus serve as a stark reminder of the vulnerabilities faced by both public and private sectors. Leskin referenced the repeated outages affecting government and municipal online platforms in recent years, highlighting an incident last year where the national online tax filing service experienced prolonged disruptions. The filing deadline had to be postponed multiple times due to technical instability, leading to significant inconvenience for citizens.
Need for Enhanced Cybersecurity Measures
Leskin noted that the situation escalated to the point where authorities blocked access to the service from abroad, affecting many Cypriots living in other EU countries. “This decision was questionable, considering that many Cypriots who needed to submit declarations were outside the country,” he remarked. The disruption revealed that a considerable portion of the national digital infrastructure was unprepared for sustained pressure from cyber threats.
The Path Forward for Cyprus
As Cyprus continues to integrate technology into its economy, Leskin urged for proactive measures to ensure resilience against evolving cyber threats. He stated, “Cyprus has already faced availability issues caused by cyberattacks, including DDoS. These disruptions were eventually resolved, but the threat landscape continues to evolve.” He cautioned that what was considered adequate protection previously may no longer suffice today.
Leskin concluded by emphasising the importance of regular reassessment of current threats and updating defensive capabilities for both commercial organisations and public institutions in Cyprus. The stakes are high as the island’s digital economy faces an uncertain future amid rapidly advancing cyber threats.
