TL;DR
In 2025, Internet growth was driven less by humans and more by AI, with AI crawling and user-triggered access surging while post-quantum encryption secured over half of human web traffic. Security risks intensified as record-breaking DDoS attacks topped 30 Tbps and government-imposed shutdowns accounted for nearly half of major global outages.
Key Points
Highlight key points with color coding based on sentiment (positive, neutral, negative).Global Internet traffic grew 19% in 2025, with growth accelerating sharply after August and exceeding the growth rate observed in 2024.
Post-quantum encrypted traffic rose from 29% to 52% of human-generated web traffic, driven largely by operating system updates on mobile devices.
AI-related crawling activity expanded rapidly, with user-triggered AI crawlers increasing more than 15x and Googlebot alone accounting for 4.5% of all HTML requests.
Hyper-volumetric DDoS attacks reached new records in 2025, peaking at 31.4 Tbps and 14 billion packets per second, surpassing previous global attack thresholds.
Nearly half of the 174 major Internet outages observed worldwide were caused by government-directed shutdowns, primarily linked to exams, protests, and civil unrest.
In its 2025 Radar Year in Review, Cloudflare shared a detailed analysis of Internet trends and patterns observed throughout the year. The report is divided into six sections: Traffic, AI, Adoption & Usage, Connectivity, Security, and Email Security. Key findings include the rise of AI, the adoption of post-quantum encryption, and record-breaking DDoS attacks. Global Internet traffic increased by 19%, with Starlink traffic doubling as it expanded into over 20 new countries. Googlebot led in request traffic, primarily for search indexing and AI training, while post-quantum encryption accounted for 52% of human-generated web traffic.
In the AI domain, Googlebot's crawl volume surpassed other AI bots, and AI "user action" crawling increased by over 15 times. AI bots constituted 4.2% of HTML request traffic, with Googlebot alone responsible for 4.5%. Regarding adoption and usage, iOS devices represented 35% of mobile device traffic globally. HTTP/3 and HTTP/2 usage experienced a slight increase, and JavaScript-based libraries and frameworks remained crucial for web development. Go-based clients were responsible for one-fifth of automated API requests.
Connectivity insights indicate that nearly half of the 174 major Internet outages resulted from government-directed shutdowns. IPv6 adoption was below expectations, with less than a third of dual-stack requests made over IPv6 globally, though India exceeded this with over two-thirds. European countries reported some of the highest download speeds, with Spain consistently ranking high in Internet quality metrics.
In terms of security, 6% of global traffic was mitigated by Cloudflare's systems, with 40% of global bot traffic originating from the United States. The "People and Society" vertical was the most targeted by attacks. Routing security improved, with significant growth in RPKI valid routes and covered IP address space. In email security, over 5% of emails analyzed were malicious, featuring deceptive links, identity deception, and brand impersonation. The .christmas and .lol TLDs were among the most abused, with nearly all emails from these domains being spam or malicious.
Key Numbers
Present key numerics and statistics in a minimalist format.The growth in global Internet traffic in 2025.
The increase in Starlink traffic in 2025.
The number of new countries/regions with Starlink traffic in 2025.
The share of human-generated web traffic that is post-quantum encrypted.
The increase in AI "user action" crawling in 2025.
The percentage of mobile device traffic generated by iOS devices globally.
The percentage of requests made over HTTP/2.
The percentage of requests made over HTTP/1.x.
The percentage of requests made over HTTP/3.
The global percentage of dual-stack requests made over IPv6.
The percentage of dual-stack requests made over IPv6 in India.
The number of major Internet outages in 2025.
The percentage of major Internet outages due to government-directed shutdowns.
The percentage of global traffic mitigated by Cloudflare’s systems.
The percentage of global bot traffic originating from the United States.
The peak size of a hyper-volumetric DDoS attack in 2025.
The percentage of email messages analyzed that were found to be malicious.
Timeline of Events
Timeline of key events and milestones.User-action crawler traffic appeared at low volume and began growing over the year.
Cloudflare added visibility into AI model usage and task popularity on Workers AI.
Organizations in the People and Society sector experienced a notable rise in targeted attacks.
Googlebot accounted for approximately 11% of observed HTML requests.
OpenAI's GPTBot reached its highest observed crawling activity.
A large DDoS attack campaign targeted a single Cloudflare customer domain.
Cloudflare mitigated a DDoS attack reaching approximately 10 Tbps.
A series of DDoS attacks exceeded 20 Tbps in volume.
Several hyper-volumetric attacks were recorded, with a peak of 29.7 Tbps.
An increase in malicious email share was observed following improvements in email classification.
A DDoS attack peaked at 31.4 Tbps, the largest observed during the year.
Valid IPv4 routes reached 53.9%, while valid IPv6 routes reached 60.1%.
Additional Resources
Enjoyed it?
Get weekly updates delivered straight to your inbox, it only takes 3 seconds!Subscribe to our weekly newsletter DevOpsLinks to receive similar updates for free!
Give a Pawfive to this post!
Share with your friends and followers
Start writing about what excites you in tech — connect with developers, grow your voice, and get rewarded.
Join other developers and claim your FAUN.dev() account now!
FAUN.dev()
FAUN.dev() is a developer-first platform built with a simple goal: help engineers stay sharp without wasting their time.
DevOpsLinks #DevOps
FAUN.dev()
@devopslinksFeatured Course(s)
End-to-End Kubernetes with Rancher, RKE2, K3s, Fleet, Longhorn, and NeuVector
The full journey from nothing to production
