DDoS attacks surge to unprecedented levels, bombarding servers with 4.2Tbps


Each month now brings a new record-breaking hyper-volumetric distributed denial of service (DDoS) attack.

Cloudflare said it mitigated nearly six million DDoS attacks in the third quarter of 2024.

This is 55% more than during the same period last year and a 49% jump compared to the previous quarter.

The DDoS attacks are also increasing in size and intensity. Two hundred hyper-volumetric DDoS attacks exceeded rates of 3 terabits per second (Tbps) and 2 billion packets per second (Bpps).

On October 3rd, the then-largest cyberattack was recorded, peaking at 3.8Tbps. Just a few weeks later, the record was shattered.

“As we were writing this blog post, our systems continued to detect and mitigate these massive attacks and a new record has just been broken again, only three weeks after our last disclosure,” Cloudflare said.

On October 21st, Cloudflare’s systems autonomously detected and mitigated a 4.2 Tbps DDoS attack that lasted around a minute. This bit rate exceeds the capacity of interconnects between data centers.

Cloudflare alone mitigates 2,200 DDoS attacks every hour. The company is often compared to the backbone of the modern internet. It is used as a reverse proxy by nearly 20% of all websites.

Most of the DDoS attacks (90%), including the largest ones, are very short-lived. Only 3% of attacks last more than an hour.

“80% of HTTP DDoS attack traffic impersonated the Google Chrome browser, which was the most common user agent observed in attacks,” the report reads.

Attackers are increasingly using a tactic that lets them amplify attacks by exploiting the UPnP (Universal Plug and Play) protocol on routers, printers, IP-enabled cameras, and other devices. The so-called SSDP (Simple Service Discovery Protocol) attack relies on sending SSDP requests to vulnerable UPnP-enabled devices and spoofing the source IP address to be the victim’s IP address.

When the routers, cameras, and other devices respond, the victim’s IP receives large amounts of traffic, overwhelming the infrastructure.

“In Q3, we observed a 4,000% increase in SSDP amplification attacks compared to the previous quarter,” Cloudflare said. “The amplification effect allows attackers to generate massive traffic from small requests, causing the victim’s service to go offline.”
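
A defender-side check for the reflection pattern described above, as an added example that is not part of the original article or Cloudflare's report: it scans flow records for SSDP replies (UDP source port 1900) arriving at hosts that sent no recent discovery request, and reports hosts hit by several distinct reflectors. The flow-record format, the 10-second window, the three-reflector threshold and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict

SSDP_PORT = 1900

# Constructed flow records (documentation-range IPs, not real traffic):
# ts,src_ip,src_port,dst_ip,dst_port,proto,bytes
SAMPLE_FLOWS = """\
0.0,192.0.2.10,50000,239.255.255.250,1900,udp,130
0.4,192.0.2.77,1900,192.0.2.10,50000,udp,320
1.0,198.51.100.5,1900,203.0.113.20,443,udp,3100
1.1,198.51.100.6,1900,203.0.113.20,443,udp,2900
1.1,198.51.100.7,1900,203.0.113.20,443,udp,3300
1.2,198.51.100.5,1900,203.0.113.20,443,udp,3100
1.3,198.51.100.8,1900,203.0.113.20,443,udp,2800
2.0,192.0.2.10,51000,203.0.113.20,443,tcp,900
30.0,192.0.2.78,1900,192.0.2.10,50000,udp,310
"""

def parse_flows(text):
    """Yield (ts, src, sport, dst, dport, proto, nbytes) from CSV lines."""
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, sport, dst, dport, proto, nbytes = line.strip().split(",")
        yield float(ts), src, int(sport), dst, int(dport), proto.lower(), int(nbytes)

def find_ssdp_reflection(flows, window=10.0, min_reflectors=3):
    """Return {victim_ip: (distinct_reflectors, total_bytes)} for hosts that
    receive SSDP replies (UDP source port 1900) without a recent request."""
    last_request = {}                 # host -> time it last sent to UDP/1900
    reflectors = defaultdict(set)     # victim -> reflector IPs seen
    volume = defaultdict(int)         # victim -> unsolicited reply bytes
    for ts, src, sport, dst, dport, proto, nbytes in sorted(flows):
        if proto != "udp":
            continue
        if dport == SSDP_PORT:        # discovery request: replies are expected
            last_request[src] = ts
        elif sport == SSDP_PORT:      # SSDP reply: was it asked for?
            asked = last_request.get(dst)
            if asked is None or ts - asked > window:
                reflectors[dst].add(src)
                volume[dst] += nbytes
    return {v: (len(r), volume[v]) for v, r in reflectors.items()
            if len(r) >= min_reflectors}

if __name__ == "__main__":
    for victim, (count, nbytes) in find_ssdp_reflection(parse_flows(SAMPLE_FLOWS)).items():
        print(f"{victim}: {count} reflectors, {nbytes} unsolicited SSDP bytes")
```

The single late reply to 192.0.2.10 is unsolicited but stays below the reflector threshold, which keeps one stray device from raising an alert.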

The country most targeted by DDoS attacks was China, followed by the United Arab Emirates, Hong Kong, Singapore, Germany, and Brazil. The US ranked ninth.

Most of the malicious traffic came from Indonesia, the Netherlands, Germany, Argentina, and Colombia.

Attackers mostly focus on financial services, information technology, telecommunications, cryptocurrency, and gambling sectors.

“The increasing use of powerful botnets, fueled by geopolitical tensions and global events, is expanding the range of organizations at risk – many of which were not traditionally considered prime targets for DDoS attacks. Unfortunately, too many organizations reactively deploy DDoS protections after an attack has already caused significant damage,” Cloudflare warns.