Cloudflare recently prevented a 3.8 Tbps DDoS attack, the largest in history

What just happened? Much of today’s internet traffic consists of bots, and artificial intelligence algorithms are making the problem worse. Bots, vulnerabilities and malicious campaigns can disrupt even the largest services. Cloudflare recently prevented a massive DDoS attack that was part of a month-long campaign targeting multiple types of customers.

The CDN “automatically mitigated” a record-breaking DDoS attack targeting a single, unnamed customer. During the month, Cloudflare’s defenses intercepted over 100 hyper-volumetric L3/4 DDoS attacks, many of which exceeded two billion packets per second and three terabits per second (Tbps).

The largest attack involved 3.8 Tbps of malicious traffic, with which attackers tried to flood a single customer in just a minute. Cloudflare’s systems detected and mitigated this “world record” DDoS attack without any human intervention.

The month-long, unprecedented attack campaign targeted Cloudflare customers in the financial, Internet and telecommunications sectors, with the goal of either saturating network bandwidth or depleting the computing resources of applications and embedded devices. The attacks mainly used the UDP protocol, and the main sources of the data flood were Vietnam, Russia, Brazil, Spain and the USA.

Several types of infected devices were used to generate this record traffic, although Cloudflare noted that the majority of “high throughput” attacks originated from vulnerable Asus routers affected by a critical security vulnerability (CVSS 9.8) recently discovered by Censys. The goal of the DDoS attacks was to flood the network with excessive data packets from multiple sources and to exhaust the “CPU cycles” necessary to process these packets.

By sending enough malicious packets, attackers can potentially consume all of the system’s CPU resources, preventing normal operation. Cloudflare implements a range of filters and network protections to thwart both malicious traffic and attempts to deplete CPU resources.

A software-defined approach successfully protected customers from the largest DDoS campaign in history. However, the company recommends that customers implement additional security measures, although these may be costly, especially for larger organizations.