Jump to content
  • Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps

    aum

    • 483 views
    • 2 minutes
     Share


    • 483 views
    • 2 minutes

    Web infrastructure and website security company Cloudflare on Thursday disclosed that it mitigated the largest ever volumetric distributed denial of service (DDoS) attack recorded to date.

     

    The attack, launched via a Mirai botnet, is said to have targeted an unnamed customer in the financial industry last month. "Within seconds, the botnet bombarded the Cloudflare edge with over 330 million attack requests," the company noted, at one point reaching a record high of 17.2 million requests-per-second (rps), making it three times bigger than previously reported HTTP DDoS attacks.

     

    Volumetric DDoS attacks are designed to target a specific network with an intention to overwhelm its bandwidth capacity and often utilize reflective amplification techniques to scale their attack and cause as much operational disruption as possible.

     

    They also typically originate from a network of malware-infected systems — consisting of computers, servers, and IoT devices — enabling threat actors to seize control and co-opt the machines into a botnet capable of generating an influx of junk traffic directed against the victim.

     

    AVvXsEiqUwlzG6Rjx90W-PAUs3lub6gBAfyy4cvm

     

    In this specific incident, the traffic originated from more than 20,000 bots in 125 countries worldwide, with almost 15% of the attack originating from Indonesia, followed by India, Brazil, Vietnam, and Ukraine. What's more, the 17.2 million rps alone accounted for 68% of the average rps rate of legitimate HTTP traffic processed by Cloudflare in Q2 2021, which is at 25 million HTTP rps.

     

    This is far from the first time similar attacks have been detected in recent weeks. Cloudflare noted that the same Mirai botnet was used to strike a hosting provider with an HTTP DDoS attack that peaked a little below 8 million rps.

     

    Separately, a Mirai-variant botnet was observed launching over a dozen UDP and TCP-based DDoS attacks that peaked multiple times above 1 Tbps. The company said the unsuccessful attacks were aimed at a gaming company and a major Asia Pacific-based internet services, telecommunications, and hosting provider.

     

    "While the majority of attacks are small and short, we continue to see these types of volumetric attacks emerging more often," Cloudflare said. "It's important to note that these volumetric short burst attacks can be especially dangerous for legacy DDoS protection systems or organizations without active, always-on cloud-based protection."

     

    Source

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...