The Largest-Ever DDoS Attack Stopped in Its Tracks

Cloudflare claims to have identified and shut down a DDoS attack that peaked at 17.2 million requests per second, which is said to be about three times the size of the previous record holder.

TL;DR

Cloudflare, on August 19, 2021, released a report that seized the headlines. The groundbreaking report detailed how Cloudflare's autonomous edge DDoS protection systems automatically flagged a DDoS attack rated at 17.2 million requests per second (rps).

Key Facts
  1. An attack of this magnitude has never before been recorded in Cloudflare's history of DDoS attacks.

  2. The DDoS attack was automatically detected by nemesis-like security software built by Cloudflare.

  3. The main target of this attack was a Cloudflare client in the financial sector.

  4. The attack was traced to over 20,000 bots from over half the countries on Planet Earth.

  5. The previous most significant DDoS attack in Cloudflare's records was reported at less than 8 million rps.

Details

Just two weeks after Cloudflare detected over a dozen UDP- and TCP-based DDoS attacks, with a maximum peak of 1.2 Tbps, by a Mirai-variant botnet, the web performance and security firm recorded another DDoS attack. The latter, however, is of a far greater magnitude, one that's never been seen before. One could call the earlier attempts 'testing the waters.'

A distributed denial-of-service (DDoS) attack takes advantage of its target's network traffic limits. Once those limits are determined, threat actors send a flood of requests to stretch and overwhelm the target's infrastructure with internet traffic, pushing the target website out of its depth and ultimately preventing it from functioning. The more the requests, the greater the magnitude of the attack. To line up a sizable number of requests, threat actors use previously compromised systems to generate network traffic. These systems could be computers or other web services.

Previous reports of DDoS attacks have gained relevance based on the number of requests generated per second (rps). Last week, a Cloudflare client was the target of an HTTP DDoS attack that amassed well under 8 million rps. Usually, request rates of that size would be dismissed as impossible, but they are possible with the existence of botnets.

Cloudflare's latest DDoS report claims its 'autonomous edge DDoS protection systems' automatically detected and thwarted a 17.2 million rps attack. The primary tool incorporated in the system is Cloudflare's self-built denial of service daemon (dosd), and the company runs one in each of its data centers around the world. The dosd instances operate monolithically and share discoveries as an intelligent network.

Figure: Graph of 17.2M requests-per-second

Upon detection of an attack, Cloudflare's dosd systems move to reduce its impact with a real-time signature that matches the attack patterns. Many technical operations are performed to ensure Cloudflare can deal with attacks of such magnitude without suffering on the performance end. Cloudflare leverages this system, along with its established geographic scale and reliability, to mitigate attacks reaching 68% of its usual per-second rate or higher without the intervention of Cloudflare personnel.

A powerful botnet launched this attack against a Cloudflare client in the financial industry. Within seconds, the botnet flooded Cloudflare's servers with over 330 million attack requests. The attack traffic was traced back to over 20,000 bots in 125 countries around the world. Indonesia had the largest share of bots, with 15% coming from there alone; another 17% came from Brazil and India combined.

