DDoS Attack With 15 Million Requests per Second Thwarted
Table of Contents
- By Patrick Ryan
- May 04, 2022
Cloudflare, a digital security specialist, is in the news for stopping a record-setting DDoS attack. The DDoS attack in question transmitted an incredible 15 million requests each second. The cloud security provider revealed its quick action mitigated the mammoth distributed denial-of-service attack. The company’s representatives boasted of its successful mitigation of the attack this past Wednesday, noting it is the largest DDoS HTTPS attack ever recorded.
Why are HTTPS DDoS Attacks Significant?
According to Omer Yoachimik of Cloudflare, HTTPS DDoS attacks are comparably costly regarding the computational resources necessary as there is an elevated cost to establish a TLS encryption that is fully secure. As a result, the attackers responsible for the offensive paid that much more to implement the attack. Furthermore, the complexity of this attack also required many more Cloudflare resources for successful mitigation.
What Else is Known About the Attack?
The DDoS attack lasted a mere 15 seconds. However, those 15 seconds were quite intense as they were characterized by nearly 16 million requests per second. The DDoS attack is considered volumetric and meant to exceed the targeted network’s capacity with an influx of harmful traffic. Such traffic usually stems from a botnet operated by the digital miscreant. Cloudflare representatives insist the digital attack emanated from a botnet with 6,000 idiosyncratic devices.
Who Did the Attack Target?
The DDoS attack’s targeted victim has not been identified. However, it has been revealed that the targeted business is a Cloudflare customer that uses a crypto launchpad. The Cloudflare customer in question was on the Professional (Pro) plan provided by the company. Crypto launchpads are helpful for projects of the surfaced DeFi variety. DeFi is an abbreviation for decentralized finance. Cloudflare representatives noted the company’s customers are safeguarded against the botnet responsible for the digital attack and do not need to take specific action to thwart the threat.
Where Did the Attack Come From?
Cloudflare reveals the attack has been sourced to several countries. The company’s representatives state about 15% of the traffic from the attack came from Indonesia. The attack has also been sourced to India, Brazil, the United States, and Russia. It is particularly interesting to note most of the attacks stemmed from data centers. Cloudflare’s brass noted there has been a significant shift away from attacks originating in residential network ISPs to ISPs in the cloud.
Is This the Only Record-Setting DDoS Attack of Late?
No. Several record-setting attacks of this variety have been launched in the previous year. Rewind to the summer of 2021, and Cloudflare revealed the largest attack characterized as an “application-layer” that the world has ever seen. Rewind to the start of 2022, and Microsoft noted it thwarted several DDoS attacks with more than 2.4 terabits per second. Add in the fact that Kaspersky, a digital security firm located in Russia, recently noted DDoS attacks have reached an all-time high as of the initial three months of the new year, and there is even more reason for businesses and other organizations to heighten their digital security defenses.
According to Kaspersky, the DDoS attacks launched in the initial quarter of 2022 are a 4.5 multiple of those from the previous year in the same period of time. Industry veterans insist the rise in DDoS attacks is tied to the Russian offensive against Ukraine.