Cloudflare mitigated the most powerful HTTPS DDoS attack ever recorded

Shawn Knight

Posts: 14,237   +158
Staff member
What just happened? Cloudflare recently detected and mitigated what it is calling the largest HTTPS DDoS attack on record. The content delivery network and DDoS mitigation company said the attack, which peaked at 26 million requests per second, mostly came from cloud service providers rather than residential ISPs. This suggests the attacker was using hijacked virtual machines to drive the powerful attack rather than weaker Internet of Things devices.

Within less than 30 seconds, it had launched more than 212 million HTTPS requests from more than 1,500 networks across 121 countries. The attack targeted a Cloudflare customer using the company's free plan.

Perhaps the most impressive aspect of the attack was the small size of the botnet – just 5,067 devices. According to Cloudflare, each node was generating around 5,200 requests per second at its peak. Another botnet they have been tracking consists of more than 730,000 devices but wasn't able to generate more than a million requests per second.

Comparing the two, the smaller botnet was on average about 4,000 times stronger.

The attack was also somewhat unique in that it occurred over HTTPS. Such attacks require more computational resources to pull off and therefore cost the attacker more to conduct. They are also more expensive for the victim to mitigate.

Back in April, Cloudflare mitigated a 15M rps attack in just under 20 seconds flat. In August 2021, the company successfully thwarted a 17.2M rps attack.

Image credit: Soumil Kumar

Permalink to story.

 

Vanderlinde

Posts: 148   +102
I know this is irrelevant, but as a web dev maintaining over 15 servers and 2700 websites, cloudflare is a gem based on protection, security and speed.

It's a thing that acts up in the middle, between visitor and server. automaticly picks best location / server based on visitors location.

For most international websites I always deploy cloudflare. I think this is the best among all of them. That spike cloudflare sucked in would have 99.9% chrashed that server without it.
 

SG736F6

Posts: 171   +260
Seems like once or twice a year we see another "Cloudflare mitigates biggest DDOS ever recorded!!"
 

Vanderlinde

Posts: 148   +102
Seems like once or twice a year we see another "Cloudflare mitigates biggest DDOS ever recorded!!"

It kind of shows the power black hat hackers do have. It's more then capable of putting one's infrastructure down if they did'nt had such DDOS protection.

There's alot of hacked sites, IOT devices, routers and such that participate in providing a DDOS network. But also capable of primarily spamming the internet or sending forged / phishing based emails.

If you look at an avg server and the traffic it endures it's quite ****. Roughly 40% of any servers traffic is just pure noise, seeking for exploits all the time. I can estimate that 1/3rd of any of my server(s) bandwidth on monthly basis is just garbage.

They obtain their DDOS or botnet network by simply scanning for backdoors, outdated software or firmware's. once they get a hold of it they participate among. ISP's and website owners need to keep their stuff updated or simply replace the hardware if there's no update for it available.