Effective risk management for Distributed Denial of Service (DDoS) attacks

Distributed Denial of Service (DDoS) attacks are among the most widespread and dangerous cyber threats worldwide. Not only do they cause significant financial losses, but they also frequently result in serious reputational damage and can have a lasting impact on the continuity of business processes.
According to the European Union Agency for Cybersecurity (ENISA), DDoS attacks account for more than three-quarters of all reported cyber incidents in the EU. In 2025, they reached a new record high. The hosting provider Cloudflare alone recorded 28.8 million repelled attacks in the first half of the year, representing a 130 per cent increase on the previous year.
Against this backdrop, we highlight the key challenges facing businesses and offer insights into how integrated management approaches and targeted protective measures can sustainably strengthen resilience against DDoS attacks.
Consequences of DDoS attacks for businesses
In 2025, attacks reached a new peak, causing significant revenue losses and reputational damage worldwide. These are overload attacks in which servers are inundated with data, rendering websites and online services temporarily inaccessible. Attackers are increasingly making use of so-called botnets, i.e. networks of hijacked computers and third-party internet connections, which are often recruited via support networks. The consequences of these attacks are manifold: in addition to direct revenue losses, there are high costs for system recovery, compensation payments to customers, and long-term reputational damage, which can even have a negative impact on share prices.
Holistic management rather than purely technical solutions
The increasing frequency and enormous volume of DDoS attacks overwhelm many conventional defence mechanisms and often lead to serious outages. This is why a holistic management approach is required that goes beyond purely technical measures. In this context, transparency towards clients, partners and, where applicable, investors is becoming increasingly important. Equally essential is clear and coordinated management of decisions during an attack. As the attackers’ motives often remain unclear and they continually refine their methods, comprehensive and flexible preparation is essential to ensure an effective response.
Key questions in the risk dialogue
The risk dialogue raises key questions: Are the business continuity plans comprehensive and up to date? Does the company have alternative access routes to data centres in the event that primary connections are blocked by a DDoS attack? Who needs to be involved in decision-making in an emergency, and which stakeholders – such as customers, partners or investors – must be informed in a timely and transparent manner to limit reputational damage? It is also necessary to assess whether the defence measures are commensurate with the current threat level and whether solutions for DDoS defence with guaranteed capacity, as well as for monitoring vulnerabilities, are in place.
Equally important is the question of whether the system landscape is equipped to defend against hyper-volumetric, prolonged and multi-vector attacks.
Actuarial perspectives and prevention strategies
From an actuarial perspective, investments in cyber hygiene and improved resilience are crucial to reducing potential downtime costs. At the same time, stronger protective measures have a positive impact on premium pricing. The growing complexity of DDoS attacks, for example due to their hyper-volumetric or multi-layered nature, is increasingly being factored into insurers’ risk models and underwriting strategies.
Continuous monitoring of the threat landscape remains a key success factor in cyber insurance. Given the rapid pace of change, limited historical data and rising exposures, analytical models must be constantly adapted.
Munich Re uses insights from claims and external data sources to continuously optimise modelling, quotes and solutions. An open dialogue with clients on risk is fundamental to ensuring a shared understanding of risks, exposures and cover, and to developing bespoke insurance solutions. This enables companies to remain capable of acting and to protect themselves effectively, even in a rapidly changing risk environment.