Cloudflare just stopped one of the largest DDoS attacks ever

Cloudflare, a company that specializes in web security and distributed denial of service (DDoS) attack mitigation, just reported that it managed to stop an attack of an unprecedented scale.

The HTTPS DDoS attack was one of the largest such attacks ever recorded, and it came from unusual sources — data centers.

The attack was detected and mitigated automatically by Cloudflare’s defense systems, which were set up for one of its customers using the paid Professional plan. At its peak, the attack reached a massive 15.3 million requests per second (rps). This makes it the largest HTTPS DDoS attack ever mitigated by Cloudflare.

Cloudflare has previously seen attacks on a larger scale targeting unencrypted HTTP, but as Cloudflare mentions in its announcement, targeting HTTPS is a much more expensive and difficult venture. Such attacks typically require extra computational resources due to the need to establish a transport layer security (TLS) encrypted connection. The increase in costs is twofold: It costs more for the attacker to establish the attack, and it costs more for the targeted server to mitigate it.

The attack lasted less than 15 seconds, and its target was a cryptocurrency launchpad. Crypto launchpads are platforms that startups within the crypto space can use to raise early-stage funding while leveraging the reach of the launchpad. Cloudflare mitigated the attack without any additional actions being taken by the customer.

The source of the attack was not unfamiliar to Cloudflare — it said that it has seen attacks hitting up to 10 million rps from sources that match the same attack fingerprint. However, the devices that carried out the attack were something new, seeing as they came mostly from data centers. Cloudflare notes that this marks a shift that it has already been noticing as of late, with larger attacks moving from residential network internet service providers (ISPs) to huge networks of cloud compute ISPs.

Cloudflare DDoS attack sources.
Image: Cloudflare

Approximately 6,000 unique bots across over 1,300 networks carried out the DDoS attack that Cloudflare managed to mitigate automatically, without any human intervention. Perhaps more impressive is the number of locations involved, adding up to a total of 112 countries all around the globe. The largest share of it (15%) came from Indonesia, followed by Russia, Brazil, India, Colombia, and the U.S.

While this wasn’t the largest DDoS attack ever mitigated by Cloudflare, it’s definitely up there in terms of volume and severity. In 2021, the service managed to stop a 17.2 million rps HTTP DDoS attack. Earlier this year, the company reported that it has seen a massive rise in the number of DDoS attacks, which increased by a staggering 175% quarter-over-quarter based on data from the fourth quarter of 2021.

Repost: Original Source and Author Link

Microsoft says it mitigated one of the largest DDoS attacks ever recorded

Microsoft says it was able to mitigate a 2.4Tbps Distributed Denial-of-Service (DDoS) attack in August. The attack targeted an Azure customer in Europe and was 140 percent higher than the highest attack bandwidth volume Microsoft recorded in 2020. It also exceeds the peak traffic volume of 2.3Tbps directed at Amazon Web Services last year, though it was a smaller attack than the 2.54Tbps one Google mitigated in 2017.

Microsoft says the attack lasted more than 10 minutes, with short-lived bursts of traffic that peaked at 2.4Tbps, 0.55Tbps, and finally 1.7Tbps. DDoS attacks are typically used to force websites or services offline with a flood of traffic that a web host can’t handle. They’re usually performed through a botnet, a network of machines that have been compromised with malware so they can be controlled remotely. Azure was able to stay online throughout the attack, thanks to its ability to absorb tens of terabits of DDoS attacks.

The attack on Azure lasted more than 10 minutes.
Image: Microsoft

“The attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States,” explains Amir Dahan, a senior program manager for Microsoft’s Azure networking team.

While the number of DDoS attacks has increased in 2021 on Azure, the maximum attack throughput had declined to 625Mbps before this 2.4Tbps attack in the last week of August. Microsoft doesn’t name the Azure customer in Europe that was targeted, but such attacks can also be used as cover for secondary attacks that attempt to spread malware and infiltrate company systems.

The attack is one of the biggest in recent memory. Last year, Google detailed a 2.54Tbps DDoS attack it mitigated in 2017, and Amazon Web Services (AWS) mitigated a 2.3Tbps attack. In 2018, NetScout Arbor fended off a 1.7Tbps attack.

Correction October 12th, 3:17PM ET: We originally reported that Microsoft had mitigated the largest DDoS attack ever recorded, but Google mitigated a larger one in 2017. We have changed the headline and the article to reflect this. We regret the error.
