DDoS in December 2025

In December 2025, Fastly reported its largest Distributed Denial of Service (DDoS) attack of the year, dubbed the "Grinch Attack," which targeted a high-tech enterprise during the Christmas holiday, a time when cybersecurity defenses are often lower. This sophisticated attack utilized multiple DDoS vectors, including a combination of high-level requests per second (RPS) and low-level packets per second (PPS) attacks, reaching over 100 million RPS and lasting approximately 48 hours. Fastly's DDoS Protection, leveraging its global edge network, generated over a thousand automated rules to successfully isolate and mitigate the attack traffic without impacting legitimate users. The attack, primarily sourced from countries like the United States, Brazil, and Mexico, highlights the need for automated and always-on security solutions to defend against increasingly complex DDoS threats, as attackers target vulnerable times to disrupt operations.