oxygen/Getty
Cloudflare is a robust content delivery network (CDN) that specializes in providing protection against distributed denial of service (DDoS) attacks. Last month, Cloudflare blocked the largest DDoS attack in internet history.
This assault peaked at a staggering 7.3 terabits per second (Tbps). That's a data deluge, equivalent to streaming nearly 10,000 high-definition movies in under a minute.
The attack targeted an unnamed hosting provider using Cloudflare's Magic Transit DDoS protection service and delivered a record-breaking 37.4 terabytes of data in just 45 seconds. The attack consisted almost entirely (99.996%) of User Datagram Protocol (UDP) flood attacks.
Also: How to protect your site from DDoS attacks - before it's too late
Thanks to its high data transmission speeds, UDP is commonly used for real-time applications such as gaming and streaming. That same feature lends itself to attacks. UDP-based floods have become increasingly common in hyper-volumetric attacks, which Cloudflare defines as those exceeding 1 Tbps.
The minute remainder, 0.004%, 1.3 GigaByte per second (GBps), was made up of these other attack types -- QOTD reflection, Echo reflection, NTP reflection, Mirai UDP flood, Portmap flood, and RIPv1 amplification. That 0.004% alone would have been enough to knock most unprotected sites off the internet.
The 7.3 Tbps attack represents a 12% increase over the previous record and outpaces the infamous DDoS attack on security journalist Brian Krebs by a full terabit per second. That attack was foiled by Project Shield, a free Google service for organizations at risk from massive DDoS attacks.
While 37.4 TB may not seem extraordinary in today's data terms, the velocity of the attack -- blasting that volume in less than a minute -- set a new benchmark for DDoS intensity. The attack carpet-bombed an average of 21,925 destination ports per second, peaking at 34,517 ports per second on a single IP address.
This particular assault was highly distributed, originating from 122,145 source IP addresses across 161 countries. The majority of this malicious traffic came from Brazil, Vietnam, Taiwan, China, Indonesia, and Ukraine.
... continue reading