Cloudflare mitigates one of the largest DDoS attacks
Cloudflare claims the mitigation of the largest ever denial of service (DDoS) attack recorded to date. The attack, initiated through a Mirai botnet, is found to target a financial industry customer last month.
The company stated that within a few seconds, the botnet attacked the Cloudflare edge with more than 330 million attack requests and at one point reached 17.2 million requests-per-second (rps). This record makes it three times bigger than any HTTP DDoS attacks reported earlier.
Created in 2009, Cloudflare is an American web infrastructure and website security company also specializing in providing content delivery networks along with DDoS mitigation services.
Volumetric DDoS attacks like these are devised for specific networks to overwhelm their bandwidth capacity and use tactics to scale these attacks to cause more operational disruption.
The main mechanism involves allowing the threat actors to grasp control through a network of malware-infected systems, converting the machine into a botnet. This will generate junk traffic in bulk targeted towards the victim.
Also read: Unpatched vulnerabilities in Mitsubishi PLCs
In this case, the bulk traffic started from 20,000 plus bots in many countries around the world, with around 15% of the attack initiating from Indonesia. This is followed by India, Brazil, Vietnam, and Ukraine. Moreover, the 17.2 million rps alone accounts for 68% of the rps rate of genuine HTTP traffic processed by Cloudflare in the second quarter of 2021.
Cloudflare also observed that the same Mirai botnet was used for striking a hosting provider with an HTTP DDoS attack a little below 8 million rps. Also, a Mirai-variant botnet was noted starting more than a dozen UDP and TCP-based DDoS attacks, aiming at a gaming company along with a prominent Asia Pacific-based internet services, telecommunications, and hosting provider.
Cloudflare, therefore, stated that while majority of the attacks are small, there is a rise in the emergence of such volumetric attacks. The company further pointed out that all such attacks can prove to be dangerous for older DDoS protection systems or organizations that do not have active cloud-based protection.
