Cybersecurity concerns are intensifying in Cyprus as global Distributed Denial of Service (DDoS) attacks rise sharply, placing pressure on national infrastructure and prompting renewed investment in digital defences.

A new report from Qrator Labs revealed that application-layer DDoS attacks surged by 74 per cent globally in the second quarter of 2025 compared to the same period in 2024.

These types of attacks target web applications, sending malicious traffic that mimics legitimate user requests, making them particularly difficult to detect and mitigate.

Financial institutions remained the most frequent targets, accounting for 43.6 per cent of all application-layer attacks during the quarter.

E-commerce platforms followed with 22.6 per cent, while information and communication technology services made up 18.2 per cent of recorded attacks.

The global escalation of DDoS threats coincides with a heightened state of alert in Cyprus.

A recent threat from a group calling itself the “Tunisian Maskers Cyber Force” warned of a “powerful, massive and extensive” DDoS attack targeting critical Cypriot infrastructure.

Experts believe the threat is likely politically or religiously motivated.

Previous incidents underscore Cyprus’s digital vulnerabilities.

In March 2023, the University of Cyprus, the Land Registry, and the Open University of Cyprus were all struck by serious cyberattacks, resulting in operational damage and data breaches.

In response to the growing threat landscape, the Cypriot government earlier this year allocated €8.5 million to bolster national cybersecurity, marking a shift from years of underinvestment that left public infrastructure exposed.

Deputy Minister of Research Nicodemos Damianou told the House audit committee that although progress has been made, security systems across government entities remain fragmented and full integration will require time.

He noted that eleven critical infrastructures received cyber defence updates following the October 2024 cyberattacks.

He also cited the relocation of all government servers after flooding at the finance ministry in 2023 as part of broader infrastructure improvements.

Compounding the concern, Qrator Labs recently identified the largest-ever DDoS botnet, comprising 4.6 million infected devices.

This network is nearly 20 times larger than any observed in 2024.

Such a vast botnet is capable of overwhelming digital services rapidly and could severely disrupt economic activity.

“The explosive growth of application-layer DDoS attacks is a direct consequence of the rapidly expanding number of vulnerable devices with fast internet connections” said Andrey Leskin, Chief Technology Officer at Qrator Labs.

“The size of botnets we observe today would have been unimaginable just a year ago” he added.

“An attack launched by a botnet of this scale, if not properly mitigated, can generate tens of millions of requests, overwhelming online services until websites become inaccessible, critical transactions fail, and entire digital operations come to a halt” he explained.

“Not every DDoS protection provider is equipped to handle an assault of this magnitude, which means that even businesses with defences in place may find themselves unprepared for the impact” Leskin said.

To mitigate risks, Qrator Labs recommends that organisations improve their incident response plans, invest in advanced DDoS mitigation tools, and conduct regular stress testing on their infrastructure to build long-term digital resilience.