Cybersecurity firm Cloudflare reported last Thursday (19) that it has successfully stopped the largest targeted denial of service (DDoS) attack in history. Marked by no less than 17.2 million access requests per second, it was almost three times the previous record — and much of that traffic originated in Brazil.
To put the size of the attack into perspective, the company stated that, at an average time, it serves an average of approximately 25 million HTTP requests per second. As a result, the attack accounted for 68% of the connections the company expected to have to deal with during the second fiscal quarter of the year.
Cloudflare was able to stop the attack using the proprietary tool Dosd, which works on every server and data center it owns around the world. By performing real-time traffic analysis of out-of-the-way networks, the system is able to detect the existence of DDoS attacks without causing latency or connection issues.
Want to catch up on the best tech news of the day? Access and subscribe to our new youtube channel, Canaltech News. Everyday a summary of the main news from the tech world for you!
When an attack is detected, the traffic generated by it is redirected in order to guarantee the continuity of the target address, reducing the consumption of processing power and bandwidth used in the process. The record-breaking attack was started from a botnet that targeted a company in the financial sector and which had more than 20,000 bots spread across 125 countries around the world.
Most of the used traffic started in Indonesia (15%), with Brazil and India, together, corresponding to 17% of the network. Other countries detected include Vietnam, Ukraine, Cambodia, Thailand, Bangladesh and Russia — the higher incidence of bots in a location is indicative of the number of malware-infected machines present there.
DDoS attacks are on the rise
“Within seconds [após o disparo dos ataques], the botnet has bombarded Cloudflare’s edge with more than 330 million attack requests,” the company states in its blog. Tyler Shields, head of marketing at security company JupiterOne, told eSecurity Planet, the characteristics of the attack show that it was engineered by a likely large and well-funded group.
DDoS attacks have intensified in 2021, following a trend established in the previous year. According to Netscout’s Atlas Security Engineering and Response Team (ASERT), there were 2.9 million such attacks in the first quarter of 2021 — an increase of 31 over the same period last year. The company points out that the health and education sectors are the main targets, and that attacks are only likely to increase as those responsible discover new attack vectors and exploit more varied vulnerabilities.
Source: eSecurity Planet, Cloudflare
Did you like this article?
Sign up for your email on Canaltech to receive daily updates with the latest news from the world of technology.