Small Botnet Initiated Record-Breaking DDoS Attack — Cloudflare

Cloudflare, a web performance company, said that it stopped a record-breaking distributed denial of service (DDoS) attack that reached 26 million requests per second last week (rps). A botnet of only 5,067 devices was responsible for the attack.

FILES-CHINA-TECHNOLOGY-HACKING
(FILES) In this file photo taken on August 04, 2020, Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, uses his computer at their office. NICOLAS ASFOURI/AFP via Getty Images

According to Cloudflare, this attack didn't come from hacked low-bandwidth Internet of Things devices like several other DDoS or junk traffic attacks on websites, instead, it came from cloud service providers,

The firm noted that the attackers seized higher-bandwidth virtual machines and servers since they came from cloud provider infrastructure.

DDoS Attacks

Similar to a DDoS attempt it neutralized in April, this attack was initiated through HTTPS, the secure version of the web. Due to the expense of creating an encrypted Transport Layer Security (TLS) connection to the internet, HTTPS DDoS attacks are often more computationally expensive for both the attacker and the victim.

Hence, Cloudflare supplies customers with SSL/TLS certificates and various stuff.

A user of Cloudfare's free plan, which includes DDoS protection, an SSL certificate, and a content delivery network was affected by the attack.

Cloudfare's graph inindicates that the attack occurred within less than two minutes, increasing to its peak and eventually receding in just a matter of 10 seconds.

"It's important to understand the attack landscape when thinking about DDoS protection. When looking at our recent DDoS Trends report, we can see that most of the attacks are small, e.g. cyber vandalism. However, even small attacks can severely impact unprotected Internet properties," Cloudflare product manager Omer Yoachimik wrote in a blog post.

There were 5,067 devices in this "small but powerful" botnet, with each node generating roughly 5,200 rps. It produced 212 million HTTPS requests from over 1500 networks in 120 countries within 30 seconds.

It was stronger than another botnet that Cloudflare monitors, which has over 730,000 devices and generates only 1.3 rps per device on average.

Because of its use of virtual machines and servers, Cloudflare claims that this botnet was 4,000 times stronger on average.

Indonesia, the United States, Brazil, and Russia were the main nations from where the disseminated attack originated.

New Records for Multiple Attacks

Multiple DDoS attacks have set new records in the last two years. In June 2020, Amazon said that it had successfully countered a 2.3 Terabit per second (Tbps) assault, which was evaluated in packets per second rather than HTTP/S requests per second.

In January, Microsoft announced that it had mitigated a 3.47 Tbps DDoS attack that employed the User Datagram Protocol (UDP) in a "reflection attack."

According to Microsoft, many of the DDOS attacks are the consequence of strong competitiveness amongst users of popular online games.

In July 2021, the second greatest DDoS assault on a Cloudflare customer occurred, with a peak of 17.2 million rps.

"DDoS attacks might be initiated by humans, but they are generated by machines. By the time humans can respond to the attack, it may be over," Cloudfare added.

The firm noted that even if the assault was fast, network and application failure events can last for days or weeks after the attack is completed which causes loss of money and damages to reputation.

Cloudflare suggested that to ensure your website's protection, one must use "an automated always-on protection service" that isn't reliant on humans to mitigate the threats.

This article is owned by Tech Times

Written by Joaquin Victor Tacla

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics