Earlier this week, Cloudflare automatically detected and mitigated a DDoS attack that peaked just below 2 Tbps — the largest we’ve seen to date.
This was a multi-vector attack combining DNS amplification attacks and UDP floods. The entire attack lasted just one minute. The attack was launched from approximately 15,000 bots running a variant of the original Mirai code on IoT devices and unpatched GitLab instances.
Network-layer DDoS attacks increased by 44%
Last quarter, we saw multiple terabit-strong DDoS attacks and this attack continues this trend of increased attack intensity. Another key finding from our Q3 DDoS Trends report was that network-layer DDoS attacks actually increased by 44% quarter-over-quarter. While the fourth quarter is not over yet, we have, again, seen multiple terabit-strong attacks that targeted Cloudflare customers.
How did Cloudflare mitigate this attack?
To begin with, our systems constantly analyze traffic samples “out-of-path” which allows us to asynchronously detect DDoS attacks without causing latency or impacting performance. Once the attack traffic was detected (within sub-seconds), our systems generated a real-time signature that surgically matched against the attack patterns to mitigate the attack without impacting legitimate traffic.
Once generated, the fingerprint is propagated as an ephemeral mitigation rule to the most optimal location in the Cloudflare edge for cost-efficient mitigation. In this specific case, as with most L3/4 DDoS attacks, the rule was pushed in-line into the Linux kernel eXpress Data Path (XDP) to drop the attack packet at wirespeed.
Read more about Cloudflare’s DDoS Protection systems.
Helping build a better Internet
Cloudflare’s mission is to help build a better Internet — one that is secure, faster, and more reliable for everyone. The DDoS team’s vision is derived from this mission: our goal is to make the impact of DDoS attacks a thing of the past. Whether it’s the Meris botnet that launched some of the largest HTTP DDoS attacks on record, the recent attacks on VoIP providers or this Mirai-variant that’s DDoSing Internet properties, Cloudflare’s network automatically detects and mitigates DDoS attacks. Cloudflare provides a secure, reliable, performant, and customizable platform for Internet properties of all types.
For more information about Cloudflare’s DDoS protection, reach out to us.
Source: Cloudflare
INTERNATIONAL NEWS
Crypto ID promotes international articles about a wide range of topics, including information security, cybersecurity, cryptography, digital identification, encryption, biometrics, blockchain technology, and cryptocurrencies, encompassing data and other technologies related to cybersecurity and digital transformation.
During the last ten years, Crypto ID has been providing innovative content about digital security, identification, and privacy solutions. We celebrate this journey with the certainty that trust is the base for a solid and promising digital future.
Advertising at CRYPTO ID, your organization contributes to the dissemination of technological innovations that enable secure and reliable electronic transactions between businesses and people.
+55 11 3881-0053 | contato@cryptoid.com.br
Você quer acompanhar nosso conteúdo? Então siga nossa página no LinkedIn!
Ransom DDoS: Hackers estão usando ataques DDoS para pedir resgate
Angola Cables disponibiliza uma nova solução de segurança Anti-DDoS
Ataques DDoS: como se proteger da ameaça crescente?
NETSCOUT Arbour confirma novo ataque de DDoS desta vez com amplificação de 1.7Tbps