Cloudflare announced it had autonomously mitigated the largest distributed denial-of-service (DDoS) attack ever recorded.
The hyper-volumetric attack peaked at an unprecedented 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps), setting a new and alarming benchmark for the scale of cyber threats.
This attack is more than double the size of any previously observed DDoS event, signaling a significant escalation in the capabilities of malicious actors and the botnets they command.
The previous record was an 11.5 terabits per second UDP Flood attack. This attack lasted for 35 seconds.
Record-Breaking DDoS Attack
The record-breaking attack was notable not just for its sheer size but also for its shortness. The entire event lasted only about 40 seconds, a tactic designed to overwhelm defenses before they have a chance to respond fully.
Attackers are increasingly using these “hit-and-run” DDoS attacks to cause maximum disruption in a minimal timeframe, making automated, real-time detection and mitigation absolutely critical.
The assault, which directed a torrent of 22.2 Tbps of malicious traffic, was a multi-vector attack, combining various techniques to amplify its impact.
Such hyper-volumetric attacks are typically launched from massive botnets, networks of compromised computers and IoT devices, which are harnessed to flood a target’s servers with an overwhelming amount of traffic, rendering its services unavailable to legitimate users.
According to Cloudflare, its systems autonomously detected and blocked the attack without any human intervention. This successful defense highlights a crucial shift in cybersecurity: the necessity of automated systems powered by machine learning to counter threats that operate at machine speed.
Legacy DDoS “scrubbing” centers, which often require manual analysis and traffic redirection, are ill-equipped to handle attacks of this magnitude and velocity.
Cloudflare’s global network, with its vast capacity, was able to absorb and neutralize the malicious traffic at the edge, close to its source.
This prevented the attack from reaching and overwhelming the intended target, ensuring its online services remained available and performant throughout the brief but intense assault.
The critical question for every business is whether its security provider possesses the network capacity and automated technology to withstand such an onslaught.
As attackers continue to refine their methods and expand their botnets, the frequency and intensity of hyper-volumetric attacks are expected to grow.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
Source link
