������

Between July and August 2025, the network was faced with its most intense test to date. In the span of just a few weeks, it absorbed a steady barrage of high-volume distributed denial-of-service (DDoS) attacks, many peaking between 600 and 800 gigabits per second (Gbps).

But the real test came in the form of two of the , each reaching what we refer to as “internet tsunami” scale. One attack peaked at 2.4 terabits per second (Tbps), the other at 3.7.��

These attacks weren’t just massive; they were diverse in size, speed, and technique. Yet in every case, UltraDDoS Protect kept critical services online and customers unaffected, proving the value of always-on protection at global scale.

What’s an “internet tsunami”?

An internet tsunami is any DDoS attack that exceeds 1 Tbps in size. Like their oceanic counterparts, these events are rare, fast-moving, and capable of causing widespread damage if defenses aren’t prepared.

Unlike traditional DDoS attacks that target specific services or endpoints, internet tsunamis overwhelm entire networks. They often arrive without warning, impact multiple systems at once, and leave little time to respond.

While many organizations have protections in place for routine threats, few are equipped to handle attacks of this scale on their own. Just as coastal cities rely on specialized infrastructure to survive tsunami-level storm surges, enterprises need purpose-built, high-capacity mitigation to stay online when the internet tide turns.

Tsunami #1: The 2.4 Tbps attack

The first internet tsunami struck an always-on UltraDDoS Protect customer based in the EMEA region. This was a carpet-bomb DDoS attack, meaning it flooded hundreds of IP addresses across the customer’s network simultaneously—nearly 800 in total.

Rather than focusing on a single target, the attacker aimed to overwhelm the entire address space. Traffic peaked at 2.4 Tbps and 553 million packets per second (Mpps). All were directed at port 443—the default for HTTPS—making it impossible to filter out without sophisticated inspection.

The attack was notable not just for its size but for its brevity and precision. The peak surge lasted less than a minute, followed by a series of smaller aftershocks. But despite its speed and scale, the customer experienced no disruption. The attack was absorbed entirely within the first layer of UltraDDoS Protect’s defenses thanks to always-on deployment and the network’s massive capacity.

Tsunami #2: The 3.7 Tbps attack

Just weeks later, a second internet tsunami hit—this time even more powerful. Peaking at 3.7 Tbps, this attack became the largest ever mitigated by the UltraDDoS Protect network.

The target was a different customer in a different region and industry, with no clear link to the previous attack. The method was similar—another carpet-bomb strategy—but more focused, aiming at 270 IP addresses rather than 800. That meant each endpoint received a heavier share of the flood.

What made this attack unique wasn’t just its size—it was its tactical shift. The traffic mix changed: Larger, fragmented UDP packets reduced the packet-per-second rate while dramatically increasing bandwidth consumption. It lasted longer, too, sustaining multi-terabit traffic for several minutes and maintaining 800+ Gbps for over ten minutes total.

Despite these changes, UltraDDoS Protect adapted instantly. Always-on protection absorbed the initial surge, and automated countermeasures quickly kicked in to shape and filter malicious traffic. Our SOC analysts monitored in real time, fine-tuning the mitigation and keeping the customer fully informed. The result: zero reported impact.��

How UltraDDoS Protect mitigates internet tsunamis

When DDoS attacks reach multi-terabit scale, protection must happen instantly and at every layer. UltraDDoS Protect is designed to respond in real time, absorbing, filtering, and adapting to hostile traffic without interrupting service.

For always-on customers, mitigation begins the moment attack traffic enters our network. In the 2.4 Tbps event, that meant filtering and deflecting the flood within seconds—so fast that the customer saw no direct impact, despite the attack hitting nearly 800 endpoints simultaneously.

The 3.7 Tbps attack presented a different challenge: sustained pressure, larger packets, and a different traffic pattern. As automated systems shaped and dropped malicious traffic, our SOC team monitored the response and kept the customer informed.

This layered approach—capacity, automation, and expert oversight—ensures UltraDDoS Protect remains effective even as attackers shift tactics mid-stream. And because these customers were deployed in always-on mode, mitigation began at the edge, before any of the traffic reached their infrastructure.

Building on success for better DDoS defense

These internet tsunamis weren’t isolated incidents. While absorbing multi-terabit attacks, UltraDDoS Protect also continued to mitigate numerous smaller-scale threats—including a separate 700 Gbps attack on the same day as the 2.4 Tbps event. The ability to defend multiple customers simultaneously, at high volume, reflects the scale and resilience of our global infrastructure.

But every attack is also an opportunity to improve.

After each major event, our security, engineering, and product teams conduct thorough reviews—examining what worked, where we can optimize, and how our defenses should evolve. From automation tuning to architectural updates, we continuously refine the platform to stay ahead of a shifting threat landscape.

DDoS threats aren’t slowing down, and neither are we. UltraDDoS Protect combines scale, speed, intelligence, and human expertise to make sure that when the next internet tsunami hits, our customers stay online.

Protect your business from the next wave

Multi-terabit DDoS attacks are no longer theoretical—they’re happening now, and they’re growing in size and sophistication. The recent 2.4 and 3.7 Tbps internet tsunami events proved that UltraDDoS Protect can withstand even the largest attacks without disrupting the organizations we defend.

But resilience at this scale doesn’t happen by accident. It requires the right capacity, the right automation, and the right team standing behind it—so your business stays online no matter what.

to see how UltraDDoS Protect can safeguard your infrastructure before the next wave hits.