Cloudflare helps mitigate a series of record-breaking DDoS attacks
DDoS attacks are getting bigger and more advanced. This is according to Cloudflare which, last week, helped mitigate the largest DDoS attack yet. The HTTP/2-based attack which peaked at 71 million requests-per-second was one of several DDoS attacks launched against multiple websites on the same day.
Most of the other attacks mitigated by Cloudflare on that day ranged between 50-70 million requests-per-second which beats the previous biggest-ever DDoS attack that was detected and stopped by Google in June 2022.
According to Cloudflare, the attacks were executed from more than 30,000 IP addresses, and the targeted companies include cloud computing platforms, gaming providers, cryptocurrency companies, and hosting providers.
However, instead of relying on residential IP addresses to execute the attack, the cybercriminals used traffic from cloud providers which is the new trend in the world of DDoS attacks.
“Over the past year, we've seen more attacks originate from cloud computing providers,” said Cloudflare adding that the shift had prompted Cloudflare to develop a free botnet threat feed to monitor threats.
“For this reason, we will be providing service providers that own their own autonomous system a free Botnet threat feed. The feed will provide service providers threat intelligence about their own IP space; attacks originating from within their autonomous system.”
The threat monitor is currently in trial, but interested companies can sign up for early access.
DDoS attacks work by overwhelming a website with fake traffic. The attackers then profit by demanding payment from the website owner to kill the traffic.
Generally, DDoS attacks are not considered high-level risks but they are becoming more advanced and site masters need to have measures in place to mitigate them.
According to Cloudflare, the number of HTTP DDoS attacks grew 79 percent year-over-year in 2022 and the number of volumetric attacks of more than 100 Gb/s jumped 67 percent quarter-over-quarter. DDoS attacks lasting more than 3 hours have also grown 87% quarter-over-quarter.
At the start of 2022, the largest recorded DDoS attack was 15.3 million requests-per-second and barely a year later, we have a new record. It seems it will only get worse from here which is why you can’t continue sleeping on DDoS attacks.
Cloudflare noted that last week’s attacks were unrelated to the recent DDoS attacks by Killnet on US hospitals and health clinics that had dominated the news earlier. The cyber gang with ties to Russia claimed responsibility for a series of high-profile attacks targeting healthcare facilities in various institutions including the University of Michigan, Stanford University, Duke University, and Cedars-Sinai.