The largest ever DDoS attack has just been blocked - here's how it was done
Cloudflare says it mitigated a 3.8Tbps DDoS attack
Cloudflare has claimed to have recently mitigated the biggest Distributed Denial of Service (DDoS) attack in history.
In a company blog post, Cloudflare outlined how, throughout September 2024, an unnamed threat actor targeted multiple customers in the financial services, internet, and telecommunication industries, among others.
Without naming any specific targets, Cloudflare said that the attack campaign targeted bandwidth saturation, as well as resource exhaustion of in-line applications and devices.
Bots across the world
The attack included “over one hundred hyper-volumetric L3/4 DDoS attacks”, many of which exceeded 2 billion packets per second (Bpps), and 3 terabits per second (Tbps).
A hyper-volumetric L3/4 DDoS attack is a type of DDoS attack targeting layers 3 (network) and 4 (transport) of the OSI model (framework that standardizes network communication). It overwhelms the target’s bandwidth or network infrastructure with massive amounts of traffic, often using techniques like UDP floods or TCP SYN floods. The goal is to exhaust the resources of the target system, making it unavailable to legitimate users.
Of all the attacks, one stood out - when it peaked at 3.8 Tbps. This is, according to Cloudflare, “the largest ever disclosed publicly by any organization.” It predominantly leveraged UDP on a fixed port, the company said, and originated from across the globe. The majority of the endpoints used in the attack came from Vietnam, Russia, Brazil, Spain, and the US.
Detection and mitigation was all automatic, Cloudflare says. It added that the key reason why it was able to tackle it was because the company has servers across the world, which essentially water down incoming botnet traffic.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Generally, DDoS attacks are done via botnets - vast networks of compromised endpoints such as routers, smart home devices, and similar. These attacks included traffic from MikroTik devices, DVRs, and web servers, as well as compromised ASUS home routers, which were likely exploited using a CVE 9.8 (Critical) vulnerability that was recently discovered by Censys.
Before this one, the largest-ever observed DDoS attack was 3.47 Tbps strong, and was mitigated by Microsoft in November 2021.
Via PCMag
More from TechRadar Pro
- This sneaky Linux malware went undetected for years, and is using all-new attack tactics
- Here's a list of the best firewall software around today
- These are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.