Cloudflare Successfully Thwarts Record-Breaking 3.8 Tbps DDoS Attack
October 3, 2024
Cloudflare, the web infrastructure and security company, has recently mitigated a Distributed Denial of Service (DDoS) attack that peaked at an unprecedented 3.8 terabits per second (Tbps), the largest ever publicly disclosed. This attack is part of a series of hyper-volumetric L3/4 DDoS attacks that Cloudflare has been combating since the beginning of September. The company's automated defenses have successfully mitigated over 100 of these attacks, many of which exceeded 2 billion packets per second (Bpps) and 3 Tbps.
The scale and frequency of these recent DDoS attacks are unparalleled, posing a significant threat to unprotected internet infrastructure. The attacks have been primarily targeting the financial, internet, and telecom industries. The DDoS attacks are predominantly utilizing User Datagram Protocol (UDP) traffic, which originates from compromised devices across the globe. The major sources of these attacks have been identified as Vietnam, Russia, Brazil, Spain, and the United States.
The compromised devices generating high packet rate attacks include MikroTik devices, Digital Video Recorders (DVRs), and web servers. High bitrate attacks, on the other hand, are associated with compromised ASUS routers, likely exploited via a critical, improper authentication flaw (CVE-2024-3080, CVSS score of 9.8). The previous record for a volumetric DDoS attack was held by Microsoft, which reported an attack peaking at 3.47 Tbps with a packet rate of 340 million Pps in late 2021. The largest attack previously mitigated by Cloudflare had peaked at 2.6 Tbps.
Cloudflare emphasized the unprecedented scale and frequency of these attacks. The company stated, “Due to their sheer size and bits/packets per second rates, these attacks have the ability to take down unprotected Internet properties, as well as Internet properties that are protected by on-premise equipment or by cloud providers that just don’t have sufficient network capacity or global coverage to be able to handle these volumes alongside legitimate traffic without impacting performance.” Cloudflare reassured that it possesses the necessary network capacity, global coverage, and intelligent systems to absorb and automatically mitigate these monstrous attacks.
Related News
Latest News
- CosmicSting Attacks Compromise Over 4,000 Adobe Commerce and Magento Stores
- Pervasive 'perfctl' Fileless Malware Threatens Millions of Linux Servers Globally
- Critical Ivanti Vulnerability Actively Exploited, CISA Issues Warning
- Over 700,000 DrayTek Routers Vulnerable to New Security Flaws
- Critical Security Flaws Detected in Optigo Networks ONS-S8 Aggregation Switch
Like what you see?
Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.