HTTP DDoS Attack

Cloudflare stated that it mitigated a 17.2 million request-per-second (rps) DDoS attack, an attack about three times larger than any previous one that was recorded so far.

This attack took place earlier last month, targeted one of Cloudflare’s customers in the financial industry. The company said that a threat actor used a botnet of more than 20,000 infected devices to flung HTTP requests at the customer’s network to consume and crash server resources.

Largest HTTP DDoS Attack

Cloudflare serves over 25 million HTTP requests per second on average, that is, to the average rate of legitimate traffic in 2021 Q2. This attack reached 68% of our Q2 average rps rate of legitimate HTTP traffic.

Cloudflare’s Average Request Per Second Rate Versus The DDoS Attack

This attack was automatically detected and mitigated by Cloudflare’s autonomous edge DDoS protection systems.

“Analyzing traffic out-of-path allows us to scan asynchronously for DDoS attacks without causing latency and impacting performance”, Cloudflare says.

The report mentions that this autonomous approach, along with the company’s network’s global scale and reliability, help to mitigate attacks that reach 68% of average per-second-rate, and higher, without requiring any manual mitigation or performance degradation.

This attack was launched by a powerful botnet, the company says within seconds, the botnet bombarded the Cloudflare edge with over 330 million attack requests. The attack traffic originated from more than 20,000 bots in 125 countries around the world. Based on the bots’ source IP addresses, almost 15% of the attack originated from Indonesia and another 17% from India and Brazil combined.

Graph of 17.2M rps Attack

The report says the attack also targeted a different Cloudflare customer, a hosting provider, with an HTTP DDoS attack that peaked just below 8 million rps.

The attack target was a major APAC-based Internet service, telecommunications and hosting provider and a gaming company.

How to Stay Protected?

  • Onboard to Cloudflare to protect your Internet properties.
  • DDoS is enabled out of the box, and you can also customize the protection settings.
  • Ensure that both your Cloudflare settings and your origin server settings are optimized. If possible, ask your upstream Internet Service Provider (ISP) to apply an access control list (ACL), or else, attackers may target your servers’ IP addresses directly and bypass your protection.
  • Change the default username and password of any device that is connected to the Internet such as smart cameras and routers.

Protect your home against malware with Cloudflare for Families. Cloudflare for Families is a free service that automatically blocks traffic from your home to malicious websites and malware communication.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.