When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Cloudflare fends off record 3.8 Tbps DDoS attack with autonomous systems

DDoS graphic by Cloudflare

Cloudflare has announced that its distributed denial of service (DDoS) protection systems have managed to thwart a massive 3.8 Tbps DDoS attack—the largest ever disclosed publicly by any organization. Cloudflare's systems handled this issue fully autonomously.

The cloud cybersecurity company revealed that this huge DDoS attack was part of a wider month-long campaign of "hyper-volumetric L3/4 DDoS attacks" that exceeded 2 billion packets per second (Bpps) and 3 Tbps. Layer 3 (L3) attacks are designed to overwhelm network infrastructure by flooding it with a large volume of packets. Layer 4 (L4) attacks are designed to exhaust the resources of the transport layer by overwhelming it with connection requests or data packets.

As these defenses deal with DDoS attacks autonomously it also means that Cloudflare customers are protected promptly. Customers of its HTTP reverse proxy services such as Cloudflare WAF and Cloudflare CDN as well as customers using Spectrum and Magic Transit are automatically protected.

One of the charts of the attack published by Cloudflare shows the duration of the attack. It starts around 15:01:25 and is mitigated by 15:02:30, allowing the target to continue operating as normally very quickly.

A DDoS attack on Cloudflare customer

Cloudflare warned that these massive attacks can take down unprotected internet properties as well as those protected by on-premise equipment or cloud providers that can't absorb such attacks. It claimed, and as shown by its announcement, that it does have the network capacity, global coverage, and intelligent systems required to absorb these big attacks.

Attacks like this have been noticed by Cloudflare affecting several of its customers in multiple sectors including financial services, internet, and telecommunication industries. It said they tend to use UDP on a fixed port and many contributions to the attacks come from Vietnam, Russia, Brazil, Spain, and the US.

All sorts of devices are utilized for attacks including MikroTik devices, DVRs, and web servers. It's believed that the attacks have been originating from a large number of ASUS home routers exploiting a vulnerability that was found recently by Censys.

Source: Cloudflare

Report a problem with article
OpenAI o1 thinking
Next Article

Google is working to create its own reasoning model, similar to OpenAI's o1

Accenture and Nvidia
Previous Article

Accenture plans to train 30,000 on Nvidia's AI stack for enterprise adoption

Join the conversation!

Login or Sign Up to read and post a comment.

7 Comments - Add comment