Cloudflare has reported an attack in which attackers attempted to flood a single server with the equivalent of 9,000 HD movies. The company successfully blocked the largest DDoS attack in history.
Cloudflare has reported an attack in which attackers attempted to flood a single server with the equivalent of 9,000 HD movies. The company successfully blocked the largest DDoS attack in history.
According to TechRadar, Cloudflare neutralized a DDoS attack that caused 37.4 terabytes of traffic in just 45 seconds. The target was the IP address of an unnamed hosting provider. The peak traffic capacity was 7.3 terabits per second, and up to 45,000 unique source IP addresses were involved per second.
The majority of malicious requests (99.996%) were sent over the UDP protocol, which allows for rapid generation of large volumes of requests without the need to establish a connection. The rest of the attack was based on traffic reflection and amplification methods, using outdated diagnostic tools.
DDoS traffic came from 161 countries, with the majority coming from Brazil and Vietnam. Other sources included Taiwan, China, Indonesia, Ukraine, Ecuador, Thailand, the United States, and Saudi Arabia. The vast majority were infected «smart» devices that had been turned into bots through phishing, malware, or vulnerabilities.
Cloudflare leverages its global distributed infrastructure to distribute load to data centers close to traffic sources. The company’s DDoS protection system detects anomalous packets, «stamps» them, and blocks such attacks without harming legitimate traffic.
Distributed Denial-of-Service (DDoS) attacks have become a favorite tool of cybercriminals and state hackers. Their frequency has increased by 15–20% over the past year, and the tools to launch attacks have become more accessible. In particular, they are often recorded in cyber operations against Ukraine, where Russian groups use botnets to disable the websites of state institutions and media.
Previously, we also published a story about Ukrainian cyber experts who took down the servers of Russian providers. Due to massive DDOS attacks, the servers of four Siberian branches of the provider «Sibset» were overloaded and stopped working.
