
A recent distributed denial-of-service (DDoS) campaign has set a new record, targeting organizations in the financial services, internet, and telecommunications sectors with hyper-volumetric attacks peaking at 3.8 terabits per second (Tbps). This marks the largest publicly recorded DDoS attack to date. Over a month-long period, more than 100 DDoS attacks were launched, inundating target networks with an enormous volume of data.
Volumetric DDoS attacks overwhelm a target’s resources, such as bandwidth or application infrastructure, with an immense amount of illegitimate traffic, so that legitimate users can no longer reach its services. Attackers typically target the network and transport layers (L3/L4) of the infrastructure. In this campaign, many attacks exceeded two billion packets per second (pps) and surpassed three Tbps in traffic.
Cloudflare Mitigates Record-Breaking DDoS Attack
Cloudflare, a leading internet infrastructure company, successfully mitigated these DDoS attacks. The largest attack, which peaked at 3.8 Tbps, lasted for 65 seconds. Cloudflare’s systems autonomously defended against all attacks, ensuring the targeted infrastructure did not suffer long-term outages.
The attacking devices were spread across various countries, with significant numbers located in Russia, Vietnam, the U.S., Brazil, and Spain. The attackers compromised multiple types of devices, including Asus home routers, MikroTik systems, digital video recorders (DVRs), and web servers, forming the botnet used to carry out the attacks.
Attack Techniques and Protocols
A key factor in the effectiveness of this DDoS campaign was the use of the User Datagram Protocol (UDP) on a fixed port. UDP is a connectionless protocol: it transfers data quickly without first establishing a formal connection, which makes it particularly attractive to DDoS attackers because a target’s resources can be flooded rapidly with no handshake to complete.
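The traffic pattern described above (many sources, UDP, one fixed destination port, very high packet rate) can be recognised in flow records. The following is an added example, not code from Cloudflare or from the original article; the record layout, thresholds, addresses and port 4500 are constructed assumptions for illustration.

```python
from collections import defaultdict

def detect_fixed_port_udp_floods(flows, window_s=1, pps_threshold=500_000,
                                 min_sources=100, port_share=0.9):
    """Flag (window, dst_ip) buckets where UDP to one port dominates at flood rate.

    flows: iterable of (ts, proto, src_ip, dst_ip, dst_port, packets, bytes).
    Thresholds are illustrative assumptions; tune them to the link's baseline.
    """
    buckets = defaultdict(lambda: defaultdict(lambda: [0, 0, set()]))
    for ts, proto, src, dst, dport, pkts, nbytes in flows:
        if proto != "udp":
            continue  # this check only covers the L4 UDP case
        stat = buckets[(int(ts // window_s) * window_s, dst)][dport]
        stat[0] += pkts
        stat[1] += nbytes
        stat[2].add(src)

    alerts = []
    for (window, dst), ports in sorted(buckets.items()):
        total_pkts = sum(s[0] for s in ports.values())
        # Busiest destination port for this host in this window.
        top_port, (pkts, nbytes, sources) = max(ports.items(), key=lambda kv: kv[1][0])
        pps = pkts / window_s
        if (pps >= pps_threshold and len(sources) >= min_sources
                and pkts / total_pkts >= port_share):
            alerts.append({"window": window, "dst_ip": dst, "dst_port": top_port,
                           "pps": pps, "gbps": nbytes * 8 / window_s / 1e9,
                           "sources": len(sources)})
    return alerts

def constructed_flows():
    """Constructed sample records (not captured traffic)."""
    flows = [(0.2, "udp", f"198.51.100.{i}", "203.0.113.10", 4500, 5000, 5000 * 1400)
             for i in range(1, 201)]                      # 200 sources, one fixed port
    flows += [(0.5, "udp", f"192.0.2.{i}", "203.0.113.10", 53, 40, 40 * 90)
              for i in range(1, 6)]                       # ordinary DNS to the same host
    flows += [(0.7, "tcp", "192.0.2.9", "203.0.113.10", 443, 900_000, 900_000 * 1200)]
    flows += [(1.1, "udp", f"192.0.2.{i}", "203.0.113.20", 30000 + i, 300, 300 * 200)
              for i in range(1, 51)]                      # many ports, low rate
    return flows

if __name__ == "__main__":
    for alert in detect_fixed_port_udp_floods(constructed_flows()):
        print(alert)
```

Requiring both a dominant port share and a minimum number of distinct sources keeps a single busy UDP service or one noisy client from raising the alert.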
Previous Records and Future Threats
Previously, Microsoft held the record for the largest volumetric DDoS attack, defending against a 3.47 Tbps attack aimed at an Azure customer in Asia. The latest attack, peaking at 3.8 Tbps, has now set a new record for the largest publicly disclosed DDoS attack to be mitigated.
In a related report, cloud computing company Akamai confirmed that attackers could exploit recently disclosed vulnerabilities in the Common Unix Printing System (CUPS) on Linux systems for future DDoS attacks. Akamai discovered over 58,000 vulnerable systems that attackers could target by exploiting these security flaws. Compromised CUPS servers could repeatedly respond to requests, amplifying the attack and increasing its impact.
The Growing Need for Robust Cybersecurity
This wave of DDoS attacks underscores the growing sophistication of cybercriminals and the increasing need for robust cybersecurity defenses. As more devices and systems become interconnected globally, organizations must enhance their security protocols and remain vigilant to mitigate the potential impact of such massive DDoS attacks.