In the first half of 2025, the number of DDoS attacks on Europe decreased by 73%

The number of DDoS attacks in Europe decreased by 73% in the first six months of 2025 compared to the same period a year earlier — from 848 cases in the first half of 2024 to 225 this year, according to data from Latvian technology company Tet. At the same time, an increase in the number of hacked devices that are then used in attacks has been observed.

Uldis Libietis, IT Security Manager at Tet, explains that the decrease in DDoS attacks is due to two factors: the elimination of 27 cybercrime platforms by the end of 2024 and the change in the approach of attackers from mass, to less visible, but more complex and targeted attacks.

According to Tet, in 2025, the Latvian State Police, together with Europol, stopped one of the criminal groups that had been attacking the financial sector and government institutions for years, and also helped shut down the servers of the pro-Russian cybercrime network NoName057(16).

This year, the highest number of DDoS attacks was recorded in early May. The company attributes this to the Locked Shields 2025 cyber defense exercise held in Riga. During the event, more than 4,000 participants from 41 countries took part in protecting critical infrastructure from simulated cyber attacks.

In addition, Tet notes that the largest DDoS attack recorded in 2025 reached 300 Gbps. In addition, the number of compromised devices from Latvia, which attackers subsequently use in attacks on other countries, is currently increasing.