
An unprecedented offensive: Cloudflare and the record-breaking DDoS

Learn how Cloudflare thwarted the most powerful DDoS attack ever recorded and protect your networks from advanced cyber threats

Cloudflare blocked a record 3.8 Tbps DDoS attack. The malicious traffic came from compromised ASUS routers. The attack exploited vulnerabilities in network layers 3 and 4, but Cloudflare's automated defenses minimized the impact to users.


Cloudflare recently detected and blocked a historic Distributed Denial of Service (DDoS) attack that peaked at 3.8 terabits per second (Tbps), the largest publicly documented attack to date. The Content Delivery Network (CDN) company identified the attack as part of a much larger campaign that lasted about a month. During that time the attack stood out for its extraordinary packet volume, reaching over 2 billion packets per second, and put pressure on the targeted infrastructure with techniques aimed at layers 3 and 4 (L3 and L4).

DDoS stratagems: L3 and L4 levels in detail

Layer 3 (L3) attacks aim to saturate the capacity of network infrastructure by sending huge volumes of packets at once, targeting bandwidth and packet-processing resources. At Layer 4 (L4), the focus shifts to exhausting a network's transport resources with connection requests and anomalous traffic. According to Cloudflare, its defenses operated completely automatically and invisibly to end users, minimizing the impact on the services offered to customers. This transparent defense mechanism proved effective in protecting both the infrastructure involved and its users from the harmful effects of the attack.
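To make the L3/L4 distinction concrete, here is an added example (not Cloudflare's code, and not part of the original article) that aggregates constructed flow records into one-second buckets and labels each bucket as an L3 volumetric flood (bits or packets per second over a limit, mostly UDP) or an L4 SYN flood (high packet rate made up almost entirely of TCP SYNs with no completed handshakes). The thresholds, the flow record shape and the sample traffic are all assumptions chosen for illustration; a real deployment would derive them from the monitored link and service.

```python
"""Added example: classify one-second traffic buckets as L3 volumetric or
L4 connection-exhaustion floods from constructed flow records.
Not Cloudflare's code; thresholds and samples are illustrative assumptions."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    ts: int        # epoch second the sample falls in
    src: str       # source address
    proto: str     # "UDP" or "TCP"
    flags: str     # TCP flags ("S" = SYN only, "A" = ACK), "" for UDP
    packets: int   # packets observed in this sample
    nbytes: int    # bytes observed in this sample


# Assumed per-second limits; tune to the capacity of the protected link.
BPS_LIMIT = 1_000_000_000   # 1 Gbps
PPS_LIMIT = 200_000         # 200k packets/s
SYN_RATIO_LIMIT = 0.9       # share of TCP packets that are bare SYNs


def bucketize(flows):
    """Sum packets/bytes per second and track SYN share and distinct sources."""
    per_sec = defaultdict(lambda: {"bytes": 0, "packets": 0, "tcp": 0,
                                   "udp": 0, "syn": 0, "srcs": set()})
    for f in flows:
        b = per_sec[f.ts]
        b["bytes"] += f.nbytes
        b["packets"] += f.packets
        b["srcs"].add(f.src)
        if f.proto == "TCP":
            b["tcp"] += f.packets
            if f.flags == "S":
                b["syn"] += f.packets
        elif f.proto == "UDP":
            b["udp"] += f.packets
    return per_sec


def classify(bucket):
    """Label one bucket. L3 = raw volume; L4 = handshake exhaustion."""
    bps = bucket["bytes"] * 8
    pps = bucket["packets"]
    syn_ratio = bucket["syn"] / bucket["tcp"] if bucket["tcp"] else 0.0
    labels = []
    if bps > BPS_LIMIT or (pps > PPS_LIMIT and bucket["udp"] > bucket["tcp"]):
        labels.append("L3-volumetric")
    if pps > PPS_LIMIT and syn_ratio > SYN_RATIO_LIMIT:
        labels.append("L4-syn-flood")
    return labels or ["normal"]


def analyze(flows):
    """Return {second: {bps, pps, sources, labels}} for every observed second."""
    report = {}
    for ts, b in sorted(bucketize(flows).items()):
        report[ts] = {
            "bps": b["bytes"] * 8,
            "pps": b["packets"],
            "sources": len(b["srcs"]),
            "labels": classify(b),
        }
    return report


# Constructed sample traffic (addresses from documentation ranges).
SAMPLE_FLOWS = [
    # t=100: normal mix of a handshake, an established session and some UDP
    Flow(100, "10.0.0.1", "TCP", "S", 5, 300),
    Flow(100, "10.0.0.1", "TCP", "A", 200, 150_000),
    Flow(100, "10.0.0.2", "UDP", "", 50, 40_000),
    # t=101: L3 volumetric UDP flood, 1,500-byte packets from ten sources
    *[Flow(101, f"198.51.100.{i}", "UDP", "", 100_000, 150_000_000)
      for i in range(1, 11)],
    # t=102: L4 SYN flood, 60-byte bare SYNs from ten sources, no ACKs
    *[Flow(102, f"203.0.113.{i}", "TCP", "S", 50_000, 3_000_000)
      for i in range(1, 11)],
]

if __name__ == "__main__":
    for ts, row in analyze(SAMPLE_FLOWS).items():
        print(f"t={ts} {row['bps']/1e9:7.3f} Gbps {row['pps']:>9} pps "
              f"{row['sources']:>3} srcs -> {', '.join(row['labels'])}")
```

The two flood seconds have similar source counts but opposite profiles: the UDP second crosses the bandwidth limit with a modest packet count, while the SYN second stays well under the bandwidth limit and is flagged purely on packet rate and SYN share, which is why bandwidth-only monitoring misses L4 exhaustion.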

Critical timing and sources of malicious traffic

The peak of the attack was relatively short: it started at 15:01:25 and was neutralized shortly after, at 15:02:30. The malicious traffic was found to come mainly from a large group of ASUS routers, presumably compromised through a serious vulnerability recently identified by Censys researchers and rated near the maximum severity (9.8 out of 10). It is worth remembering that any connected device, from laptops to IoT devices such as home appliances and smart bulbs, can become part of a DDoS attack if a vulnerability in it is discovered and left unpatched.

Geolocation of Cloudflare attacks and motivations

The geographic origin of the malicious traffic was mainly attributed to three countries: Russia (over 12%), Vietnam (over 11%), and the United States (about 10%). Italy was also involved, contributing 2.8% of the total malicious traffic. For companies like Cloudflare, disclosing these attacks and their defense methods is strategically advantageous: it not only highlights the company's technical capabilities, but also reassures customers and the public that its defenses are effective and reliable. Transparency towards the public is essential, especially when the effectiveness of these defenses means that customers suffer no tangible disruption.


10/04/2024 14:10

Marco Verro
