Mena DDoS attacks up 236% in Q2 2025, a record breaking quarter

Geopolitical tensions from the Israel-Palestine and Iran-Israel conflicts drove hacktivists to account for 73% of all malicious traffic

  • PUBLISHED: Wed 20 Aug 2025, 5:37 PM
Add as a preferred
source on Google
  • Share:

The Middle East and North Africa (Mena) region experienced a 236 per cent surge in DDoS attacks during the second quarter of 2025 amid escalating regional conflicts, data showed on Wednesday.

This is the highest number of attacks in the region’s history, according to StormWall’s latest threat analysis. Geopolitical tensions from the Israel-Palestine and Iran-Israel conflicts drove hacktivists to account for 73 per cent of all malicious traffic, with government infrastructure bearing the brunt of the attacks, StormWall report says.

Recommended For You

Tennis: Swiatek routs Muchova to reach Indian Wells quarter-finals

Tennis: Swiatek routs Muchova to reach Indian Wells quarter-finals

Adnic shareholders approve cash dividends of 47% for 2025

Adnic shareholders approve cash dividends of 47% for 2025

'Cocktail 2' first look posters out: Makers announce teaser release date

'Cocktail 2' first look posters out: Makers announce teaser release date

iPhone 18 Pro leaks reveal thicker design, bigger battery

iPhone 18 Pro leaks reveal thicker design, bigger battery

Adia, Ardian launch global real estate secondaries platform

Adia, Ardian launch global real estate secondaries platform

 

StormWall, which operates dedicated scrubbing centres in the Middle East with over 5 Tbps of combined filtering capacity, analysed attack patterns across its regional network during the second quarter of 2025.

The data shows a big change in how attacks are done and who they target. There was a 162 per cent increase in API-layer attacks and a ninefold increase in probing attacks. Probing attacks are used by hackers to find weak spots in the system before they launch a full attack.

The financial sector was the vertical industry most targeted by cyberattacks in Mena (38 per cent). There was a 26 per cent increase in cyberattacks on this sector compared to last year. Government services were the second most attacked sector (16 per cent), with a 53 per cent increase. Telecommunications (14 per cent) was the third most targeted industry.

From a geographic perspective, Saudi Arabia was the most targeted country, with 22 per cent of attacks. Israel’s share increased from 11 per cent to 19 per cent from Q1 to Q2 2025, while Iran’s share increased from 16 per cent to 17 per cent.

Furthermore, attacks are getting more sophisticated, which makes it harder for defenders to protect against them. API attacks now generate an average of just 4.7 Gbps of traffic, but they can bring down targets using only 12 per cent of the traffic volume required for traditional floods. Most API attacks used botnets with about 140,000 compromised devices, and HTTP floods were the most common way to attack APIs, accounting for 48 per cent of all API-targeting methods.

“Attackers used to rely on a lot of traffic, but now they’re going after specific targets,” says Ramil Khantimirov, the founder of StormWall. “This takes 88 per cent less traffic to have the same impact. It has become very important to review and update DDoS defenses to maintain a good security posture.”