An unprecedented distributed denial of service (DDoS) attack didn’t even bring the server to its knees.
Australian security company Global Secure Layer disclosed that it had mitigated what it calls “the largest packet rate DDoS attack” recorded on its platform.
A Minecraft gaming server registered a peak packet rate of 3.15 Gpps (billion packets per second). The company estimates that this DDoS outpaces previous historical headlines by 3.2-3.5 times.
“This puts this packet rate attack as the largest ever reported to the public,” the report claims.
While it may be the largest in terms of the packet count, its bitrate was relatively low at 849 gigabits per second (Gbps).
Despite the numbers, the server stayed online as the company’s in-house DDoS mitigation platform, Goliath, auto-mitigated the attack.
It seems that attackers prepared for the attack in advance. A day prior, they launched a smaller and shorted duration assault, which peaked at 1.7 Gpps and lasted only 20 seconds.
The next day, the “Carpet Bomb” attacks started, aiming to flood traffic to all IPs within a subnet on a victim’s network. The attackers’ motivation is unclear.
“Frustrated, the attackers continued their hits, alternating between prefixes and attack vectors to find any weak points in the security configuration. By this point, the attack was overwhelming PNIs (Private Network Interconnections) between Korea Telecom and major tier 1 providers,” Global Secure Layer said.
Most of the traffic, 19.1%, came from Russia, followed by Vietnam and South Korea. Normally, DDoS attacks are well distributed, with no single country having more than 7% of total attack traffic, according to the firm’s data.
“Upon filtering for this signature across internet surveying databases, we found 5,253 vulnerable devices in Korea Telecom’s network alone. Globally, our borders saw a total of 42,209 sources participating in the packet rate campaign,” the report reads.
Global Secure Layer observed that DrayTek Vigor and Hikvision IP cameras and Maxtech MAX-G866ac devices were some of the main sources of the attack.
Massive DDoS attacks became the new normal last year when a flaw in the HTTP/2 protocol was discovered.
Your email address will not be published. Required fields are markedmarked