Cyber Threats Escalate: U.S. Tops Hacktivist DDoS Targets, But Australia And NZ Remain In The Crosshairs

The first quarter of 2025 saw a significant spike in cyber activity led by politically motivated hacktivist groups. According to Radware’s Hacktivism Unveiled Q1 2025 report, the United States was the most targeted country for distributed denial-of-service (DDoS) attacks, accounting for 13.5% of global incidents. With 558 reported attacks, the U.S. surpassed both Ukraine (400 attacks) and Israel (340 attacks), indicating an intensification of politically driven cyber activity directed toward Western nations.

While much of the global spotlight remains on attacks against U.S. infrastructure, it would be a mistake for Australia and New Zealand to consider themselves safe from similar threats. In fact, new analysis shows that the broader Asia-Pacific region—including both countries—is experiencing a significantly elevated rate of cyberattacks, including DDoS events.

Google Cloud’s Threat Intel division, Mandiant, produced a report last week focusing on rising threats from the DPRK, which suggested that – while a lot of new activity was focused on the EU, the ANZ region remained at least a minor focus.

A Rising Tide of Cyber Threats in the Region

Recent figures from cybersecurity firm CYFIRMA highlight that cyberattack rates in the Asia-Pacific region are now 60% higher than the global average. These attacks range from ransomware to phishing, but DDoS attacks in particular have grown in frequency and severity, driven in part by ideological, political, or nation-state actors.

Australia’s 2023–2024 fiscal year data paints a similarly sobering picture. The Australian Signals Directorate (ASD) responded to more than 1,100 cybersecurity incidents over the period, with approximately 11% of those affecting critical infrastructure sectors such as energy, water, and health. During the same period, the Australian Cyber Security Hotline received over 36,700 calls—an increase of 12% year-on-year—demonstrating rising public concern and the increasing impact of cyber threats on business continuity and public services.

In New Zealand, CERT NZ reported a notable increase in incident notifications in late 2024, particularly targeting financial institutions, healthcare providers, and government agencies. The uptick has prompted more serious discussions around national cyber resilience and the need for investment in real-time threat intelligence and mitigation capabilities.

DDoS: A Tool for Disruption, Not Just Data Theft

While ransomware attacks often aim for financial gain, DDoS attacks are more frequently about disruption and destabilisation. According to Radware’s report, hacktivist groups like KillNet and Anonymous Sudan have used DDoS attacks to make political statements or sow chaos, often timed to coincide with geopolitical events.

Radware’s report also highlighted that these attacks are becoming more complex, blending multiple vectors to evade detection. For example, a single DDoS campaign may target both application and network layers while leveraging techniques like DNS amplification or botnet swarms to maximise impact.

This complexity is reflected in global figures. According to NETSCOUT’s latest threat intelligence report, over 8.9 million DDoS attacks occurred in the first half of 2024—an increase of nearly 13% over the previous period. The most severe of these reached a staggering 995.40 Gbps in bandwidth, capable of overwhelming even the most robust infrastructure.

Preparing for the Inevitable: What Local Organisations Can Do

The Australian and New Zealand governments have both stepped up cyber awareness initiatives in recent years, but the evolving threat landscape requires organisations to take proactive steps to defend themselves.

Here are five key strategies that organisations in the region should consider:

1. Invest in Advanced DDoS Mitigation Solutions
   Partnering with a trusted cybersecurity provider that offers 24/7 monitoring, intelligent traffic analysis, and automated mitigation is essential for reducing risk.
2. Undertake Regular Risk Assessments
   A comprehensive review of infrastructure, application vulnerabilities, and third-party exposure helps uncover weak points before attackers do.
3. Develop and Test Incident Response Plans
   Quick action can make a critical difference during an attack. Detailed response protocols and regular drills ensure teams are prepared to act swiftly.
4. Engage with Government Resources
   Agencies like the ASD and CERT NZ provide up-to-date threat intelligence and practical guidance. Engaging with these bodies can enhance both preparedness and recovery.
5. Promote Cyber Awareness Across the Organisation
   Human error remains one of the most common entry points for cybercriminals. Continuous education and phishing simulations help build a culture of cybersecurity vigilance.

Looking Ahead

Cybersecurity is no longer just a concern for IT departments. It’s a board-level issue that impacts operational continuity, customer trust, and even national security. With hacktivist-driven DDoS campaigns increasing in volume and targeting a broader range of sectors, businesses, governments, and infrastructure providers across Australia and New Zealand – and indeed the world - must remain vigilant. Although the US and Ukraine remain at the top of the target list, we are far from immune to these threats, especially as the world moves into a less stable period.

As geopolitical tensions continue to fuel cyber offensives around the world, the question is no longer if an organisation will be targeted—but when. By adopting a layered and proactive cybersecurity posture, organisations in this region can better withstand the evolving digital threats of 2025 and beyond.

© Scoop Media