Cloudflare has disclosed a new largest-ever DDoS (distributed denial of service) attack, which peaked at 3.8 Tbps. This is equivalent to filling a 1 terabyte hard drive in less than three seconds. An unprecedented campaign of hyper-volumetric DDoS attacks tested defenses during September.
Cloudflare boasts that its systems successfully mitigated the largest DDoS attacks ever. In September, over 100 such attacks landed on its servers, many exceeding two billion packets and three terabits per second.
“Detection and mitigation was fully autonomous,” the Cloudflare’s report reads.
However, the company, which is often compared to the backbone of the modern internet, warns that not all internet properties will be safe.
Previously, the Australian security company Global Secure Layer claimed the first spot in mitigating an attack, which had an even higher packet rate but a comparatively low bit rate.
“Due to their sheer size and bits/packets per second rates, these attacks have the ability to take down unprotected internet properties, as well as internet properties that are protected by on-premise equipment or by cloud providers that just don’t have sufficient network capacity or global coverage,” Cloudflare said.
The new wave of monstrous DDoS attacks targets companies in financial services, internet, and telecommunication industries, among others. Almost a quarter of all the traffic comes from only two countries: Russia (12.1%) and Vietnam (11.6%). However, many other packers originate from Brazil, Spain, and the US.
Cybercrooks leverage UDP (User Datagram Protocol) packets on a fixed port, this communication protocol enables sending packets without checking if they're received correctly.
“The high packet rate attacks appear to originate from multiple types of compromised devices, including MikroTik devices, DVRs, and Web servers, orchestrated to work in tandem and flood the target with exceptionally large volumes of traffic,” the report reads.
Researchers also discovered that compromised Asus home routers appear to be responsible for high bit rate attacks. The devices were likely compromised by attackers exploiting a critical 9.8 out of 10 vulnerability, which affected at least 157,000 routers in June.
The goal of DDoS is to deny legitimate users access to the services by saturating the bandwidth or exhausting other resources of the devices or applications. Server processors (CPUs) need to process each packet delivered to a service, therefore, in a high packet rate attack, attackers try to overwhelm the available CPU resources. High bit rate attacks attempt to exhaust network bandwidth.
Often considered a nuisance, DDoS attacks rarely incur any permanent damage.
Your email address will not be published. Required fields are markedmarked