Surge in DDoS Attacks Puts Cyprus Digital Economy Under Growing Pressure, New Report Finds

A notable escalation in distributed denial-of-service (DDoS) attacks is increasingly exposing Cyprus’ banking, payments, and iGaming sectors to heightened cyber risk, according to new findings published by cybersecurity firm Qrator Labs. The company’s Q1 2026 report indicates that these industries—core pillars of the island’s digital economy—are among the most frequently targeted sectors on a global scale.

The data shows that banking institutions accounted for 22.8% of all recorded DDoS incidents, while payment systems represented 15.9% and betting or gambling platforms made up 10.0%. Combined, these three categories accounted for nearly half of all attacks registered in the first quarter of 2026, underscoring their continued attractiveness to threat actors due to their reliance on constant online availability.

The report further highlights a clear evolution in attack sophistication, noting a shift toward more complex and sustained disruption campaigns. Compared with the previous year, multi-vector DDoS attacks increased by 34%, while incidents combining both network-layer and application-layer methods nearly doubled. Alongside this trend, high-capacity attacks have become more frequent, with several events exceeding 1 Tbps recorded during the period.

Among the most significant incidents documented was an attack targeting a Cyprus-based iGaming operator that peaked above 2 Tbps. According to the findings, the assault sustained its maximum intensity for more than 40 minutes, a duration described as unusually long given that attacks of this magnitude typically last only a matter of seconds. Such prolonged disruption has the potential to severely impact online service availability, payment processing systems, and customer access, ultimately leading to both financial losses and reputational harm for affected companies.

The report also draws attention to the rapid scaling of botnet infrastructure used to conduct these attacks. The largest observed malicious network expanded more than tenfold over the past year, reaching approximately 13.5 million compromised devices. This expansion has significantly lowered the barrier for launching large-scale and persistent cyberattacks, making such operations more accessible to a broader range of threat actors.

Cyprus, in particular, is highlighted as a high-risk environment due to the concentration of digital-first industries that depend heavily on uninterrupted connectivity. The report further notes that existing infrastructure limitations, including constrained subsea cable capacity, may intensify the consequences of large-scale attacks. This could result not only in direct impacts on targeted organizations but also in wider disruptions to national network stability.

As stated by Andrey Leskin, “Global DDoS trends are increasingly reflected in regions like Cyprus, where key industries are both highly digitalised and internationally exposed,” adding that “As Cyprus-based companies expand into new markets, particularly in Latin America or Southeast Asia, they face not only higher background levels of cybercrime, but also the risk of DDoS attacks being used as a competitive tool,” and concluding that “In this environment, businesses need to factor cyber resilience into their expansion strategy from the start, rather than reacting to incidents after they occur,” he concluded.

By fLEXI tEAM