Cloudflare successfully mitigated a massive hyper-volumetric DDoS attack that peaked at over 71 million requests per second (RPS), making it the largest reported HTTP DDoS attack on record!.
The attack was part of a series of record-breaking DDoS attacks blocked by Cloudflare during the weekend, originating from over 30,000 IP addresses and targeting various industries.
The Largest HTTP DDoS Attack on Record
Cloudflare points out that the volume of the attack was more than 35% higher than the previously reported record of 46M RPS that was mitigated by Google in June 2022.
The HTTP/2-based attacks aimed at popular gaming provider, cryptocurrency companies, hosting providers, and cloud computing platforms.
Cloudflare is working with numerous cloud providers to dismantle the botnet behind the malicious traffic.
The Growing Threat of Distributed Denial-of-Service Attacks
Cloudflare observed a growing number of distributed denial-of-service attacks originating from cloud computing providers in the past year.
Cloudflare will provide service providers that own their own autonomous systems with a free Botnet threat feed to provide threat intelligence about their own IP space.
The size, sophistication, and frequency of distributed denial-of-service attacks have been increasing over the past months.
The Latest DDoS Threat Report
In the latest DDoS threat report published by Cloudflare, the company estimated that
- the amount of HTTP DDoS attacks increased by 79% year-over-year
- the amount of volumetric attacks exceeding 100 Gbps grew by 67% quarter-over-quarter (QoQ),
- and the number of attacks lasting more than three hours increased by 87% QoQ.
Ransom DDoS attacks steadily increased throughout the year and peaked in November 2022, with one out of every four surveyed customers reported being subject to Ransom DDoS attacks or threats.
The recent DDoS attacks have highlighted the need for businesses to take proactive measures to protect themselves from such threats.
Cloudflare’s free Botnet threat feed is a step towards empowering service providers to defend their IP space against DDoS attacks.
As the audacity of attackers continues to increase, it is essential to remain vigilant and take necessary precautions to mitigate the risk of DDoS attacks.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he is a certified: CISSP, CISA, CISM, ITIL, COBIT and PRINCE2, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills on penetration testing, cloud technologies, virtualization, network security, IoT and many more.