Cloudflare has announced that its distributed denial of service (DDoS) protection systems have managed to thwart a massive 3.8 Tbps DDoS attack—the largest ever disclosed publicly by any organization. Cloudflare's systems handled the attack fully autonomously.
The cloud cybersecurity company revealed that this huge DDoS attack was part of a wider month-long campaign of "hyper-volumetric L3/4 DDoS attacks" that exceeded 2 billion packets per second (Bpps) and 3 Tbps. Layer 3 (L3) attacks are designed to overwhelm network infrastructure by flooding it with a large volume of packets. Layer 4 (L4) attacks are designed to exhaust the resources of the transport layer by overwhelming it with connection requests or data packets.
Because these defenses deal with DDoS attacks autonomously, Cloudflare customers are protected promptly. Customers of its HTTP reverse proxy services such as Cloudflare WAF and Cloudflare CDN, as well as customers using Spectrum and Magic Transit, are automatically protected.
One of the charts of the attack published by Cloudflare shows the duration of the attack. It starts around 15:01:25 and is mitigated by 15:02:30, allowing the target to return to normal operation very quickly.
Cloudflare warned that these massive attacks can take down unprotected internet properties as well as those protected by on-premises equipment or cloud providers that can't absorb such attacks. It claimed, as its announcement shows, that it has the network capacity, global coverage, and intelligent systems required to absorb these big attacks.
Cloudflare has observed attacks like this affecting several of its customers in multiple sectors, including the financial services, internet, and telecommunication industries. It said they tend to use UDP on a fixed port, and many contributions to the attacks come from Vietnam, Russia, Brazil, Spain, and the US.
All sorts of devices are utilized for the attacks, including MikroTik devices, DVRs, and web servers. It's believed that the attacks have been originating from a large number of ASUS home routers compromised through a vulnerability that was found recently by Censys.
Source: Cloudflare