Web infrastructure service Cloudflare has thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over 71-million requests per second. According to the company, the attack emanated from a botnet comprising more than 30 000 IP addresses that belonged to “numerous” cloud providers.
Some of the attacked websites included a popular gaming provider, cryptocurrency companies, hosting providers, and cloud computing platforms.
It is the largest HTTP DDoS attack reported to date, more than 35% higher than the previous 46-million RPS DDoS attack that Google Cloud thwarted in June 2022. The number of HTTP DDoS attacks has increased by 79% year-on-year.
“This record-breaking distributed denial-of-service attack is another clear sign that cybercriminals are increasingly emboldened to launch large-scale, hyper-volumetric attacks with the aim of causing maximum damage to websites and online infrastructure,” says Anna Collard, senior vice-president Content Strategy & Evangelist at KnowBe4 AFRICA.
How do you know you’re under attack?
“One of the tell-tale signs that you might be under a DDoS attack is if a site or service suddenly becomes slow or non-responsive,” explains Collard. “But since a legitimate spike in traffic could create similar performance issues, further investigation is usually required.
“The more complex the attack, the more difficult it will be to identify and separate it from normal traffic.”
How common are these types of attacks?
“While DDoS attacks have been around for a while it’s not often that we read about them, certainly less so than ransomware attacks,” says Martin Potgieter, co-founder and technical director at Nclose.
“DDoS attacks typically required continued effort and with that comes an associated cost (i.e. rental of a botnet for the duration of the attack) while ransomware requires just the initial effort to encrypt and/or exfiltrate data.
“This means that in most cases it will cost more for an attacker to carry out a DDoS attack, but cybercriminals constantly work in this complex ecosystem with an end goal to make money,” continues Potgieter. “With a drop in the number of organisations that are actually paying ransoms when they are attacked with ransomware, DDoS cannot be ruled out as a mechanism that they will evolve to.”
Mitigating factors
Unlike ransomware attacks, DDoS attacks don’t require an actual system intrusion or foothold within the targeted network. They’re more like a hit-and-run attack.
Successfully mitigating DDoS attacks requires a variety of strategies, including notifying your Internet service provider as soon as possible. Firewalls and routers should be configured to reject bogus traffic and spoofed IP addresses.
Cybercriminals generally target specific industries, so many organisations may not have DDoS attacks high up on their risk registers.
As the size and frequency of DDoS attacks continue to increase, it’s crucial for businesses to take a proactive approach to security, implementing layered security defences and regularly stress-testing their Web infrastructure to ensure it can withstand such attacks.
“We cannot afford to think of this problem purely through the lens of ‘ransomware’,” says Collard. “This is an extortion crime. DDoS attacks are on the rise and are going to grow in complexity.”