DigiCert Unveils First RADAR Threat Intelligence Brief

Summary
– DigiCert released its first RADAR Threat Intelligence Brief, providing data-driven insights on cyber threats from trillions of network events across its security platform.
– DDoS attacks reached record scale with two events peaking at 2.4 Tbps and 3.7 Tbps, reflecting a shift where the internet becomes both weapon and battlefield.
– Attack traffic increasingly originates from regions with digital infrastructure outpacing regulation, including Vietnam, Russia, Colombia, and China.
– September saw a significant rise in DDoS attacks targeting higher education institutions, surpassing financial services and IT/software sectors.
– Malicious web activity rose from 51% to 73% between July and September, with 32 million bot violations recorded, confirming automation powers most large-scale attacks.
DigiCert has launched its inaugural RADAR Threat Intelligence Brief, a quarterly analysis offering data-rich perspectives on the most pressing cybersecurity dangers. This new publication leverages information gathered from trillions of network interactions across DigiCert’s security ecosystem, which includes services like UltraDNS, UltraDDoS Protect, and UltraWAF. The report delivers one of the most extensive overviews available of the current digital threat environment.
The Q3 2025 edition of RADAR documents an extraordinary escalation in distributed denial-of-service (DDoS) assaults, with two specific incidents reaching magnitudes described as an “internet tsunami.” These attacks hit staggering peaks of 2.4 terabits per second and 3.7 terabits per second. Such events signal a pivotal change in cyber conflict, where the internet’s own infrastructure is transformed into both the primary weapon and the battleground.
Key discoveries from the latest intelligence brief include several critical trends.
DDoS Attacks Reach Record Scale: The defensive capabilities of DigiCert’s UltraDDoS Protect network were tested by numerous multi-terabit attacks, recognized as the most powerful ever recorded. This protective action is estimated to have averted roughly 3,000 hours of potential website downtime for its client base.
Geopolitical Realignment Fuels Cyber Risk: There is a noticeable trend of attack traffic emerging from geographical areas where the expansion of digital infrastructure is advancing faster than regulatory frameworks. Nations including Vietnam, Russia, Colombia, and China are now counted among the top five sources for this malicious activity.
Higher Education Targeted: A pronounced increase in DDoS attacks aimed at universities and academic networks was observed in September. This sector experienced more attacks than both financial services and IT/software services. The timing coincides with busy enrollment periods, and campus network infrastructures are typically open by nature.
Automation Drives Modern Threats: Malicious web activity saw a sharp climb from 51% in July to 73% by September. A staggering 32 million bot violations were logged in that single month, providing clear evidence that automated systems are now the driving force behind the majority of large-scale cyber offensives.
FormErr Spike Highlights DNS Interdependence: A mid-quarter surge saw DNS errors resulting from configuration mistakes jump by an astonishing 22,000%. This incident demonstrates how rapidly technical problems can propagate and cause widespread disruption across the interconnected internet.
According to Michael Smith, AppSec CTO at DigiCert, the nature of cyber threats is evolving. “Attackers are no longer forced to choose between precision and scale; they are now perfecting the use of both,” Smith noted. “Our collected data indicates that highly targeted attacks were dominant for two months of the quarter, whereas extensive, indiscriminate campaigns spiked in August, making up 65% of all incidents. To maintain resilience, organizations require comprehensive visibility that covers their entire digital footprint—from infrastructure and applications to identity management.”
Smith further highlighted the geographical focus of these attacks. “The data also reveals that the United States endured the majority of this offensive activity, accounting for 58% of all global DDoS incidents. The United Kingdom and Saudi Arabia were also significant targets, each representing 11% of the activity. Adversaries are strategically concentrating their efforts on critical infrastructure and regions of geopolitical importance, aiming to create the maximum possible disruptive impact.”
The complete Q3 DigiCert RADAR Threat Intelligence Brief is accessible for review.
(Source: ITWire Australia)





