What happened
A new attack wave tied to the Aisuru botnet reached a peak of 297 Tbps. The attack used compromised high-performance servers running outdated software. Victims saw short, intense bursts of traffic built to overwhelm defenses before automated controls could respond.
Who is affected
Hosting providers, cloud services, gaming platforms, and any enterprise with public-facing systems face higher risk. Because Aisuru relies on powerful servers rather than IoT devices, attackers can direct extreme traffic volumes with a smaller botnet. Organizations that manage large online workloads or rely on real-time services are most exposed.
Why CISOs should care
This attack shows how fast DDoS capability is scaling. Threat actors no longer need massive device networks to deliver catastrophic force. They only need access to a handful of high-bandwidth servers. Many teams tune defenses for sustained attacks, not rapid spikes. The shift in attacker strategy raises the chance of brief outages that slip past traditional detection models.
3 practical actions
-
Update DDoS detection thresholds to flag short, high-volume spikes.
-
Check with cloud or network providers to confirm capacity for 200 to 300 Tbps attacks.
-
Run a DDoS tabletop focused on fast peak attacks that end before mitigation tools activate.