Cloudflare fended off largest DdoS attack to date1. May 2022
Cloudflare fended off largest DdoS attack to date
Cloudflare recently announced that it has repelled a distributed denial of service (DDoS) attack with 15.3 million requests per second (RPS). The web infrastructure and website security company called the attack one of the “largest HTTPS DDoS attacks ever.”
“HTTPS DDoS attacks are more expensive in terms of compute resources required due to the higher cost of establishing a secure TLS-encrypted connection,” said Cloudflare’s Omer Yoachimik and Julien Desgats. “Therefore, it is more expensive for the attacker to launch the attack and for the victim to mitigate it.”
The volumetric DDoS attack reportedly lasted less than 15 seconds and targeted an unnamed Cloudflare customer running a crypto launchpad.
Volumetric DDoS attacks aim to overwhelm a target network or service with significant amounts of malicious traffic, usually originating from a botnet under the control of a threat actor.
According to Cloudflare, the most recent attack was launched from a botnet consisting of about 6,000 individual compromised devices. 15% of the attack traffic originated from Indonesia, followed by Russia, Brazil, India, Colombia and the United States.
“What’s interesting is that the attack came mainly from data centers,” Yoachimik and Desgats said. “We’re seeing a big shift from Internet service providers (ISPs) with private networks to ISPs with cloud computing.”
Record-breaking DDoS attacks have become more frequent in recent months. In August 2021, Cloudflare reported what it said was the largest application-layer attack ever, and earlier this year, Microsoft announced that it had repelled multiple DDoS attacks at more than 2.4 terabits per second (Tbps).