The article argues that DDoS defense is getting harder because automated traffic has become “normal” internet traffic. It points to a December 2025 incident where Solana faced a massive DDoS attack peaking at 6 Tbps and lasting more than a week, yet reportedly avoided downtime—an example of how extreme attack volumes are now plausible. The author says bots now account for more than half of web traffic, which blurs the line between legitimate automation (APIs, integrations, mobile apps, background jobs) and hostile bot activity. That creates a dilemma: if defenders rate-limit too aggressively, they can break real services; if they are too conservative, attackers can hide in the noise.

It also explains that modern DDoS attacks are typically multi-vector, combining network-layer floods (Layer 3) with application/API floods (Layer 7). Traditional “perimeter” defenses may absorb raw volume, but application-layer attacks can cause outsized damage by triggering expensive backend work (logins, page loads, database operations) even without huge traffic. A key challenge is establishing a reliable baseline when “normal” traffic already looks repetitive and high-frequency, and the article flags “economic DDoS” (cost-exhaustion) as a growing tactic that degrades performance while driving up cloud/infrastructure costs. The recommended direction is behavior-based detection plus fast, automated mitigation, with layered controls spanning ISP/cloud scrubbing at the network edge and WAF/API gateway/WAAP-type protections closer to the application—treating DDoS as a core availability risk as attack volumes remain high (the piece cites 8+ million attacks recorded in the first half of 2025).

Source: https://www.itsecurityguru.org/2025/12/22/ddos-protection-fresh-challenges-bot-traffic-reaches-new-peak