Internet infrastructure provider Cloudflare fends off a massive 3.8 Tbps DDoS attack, surpassing the previous record. Learn how Cloudflare’s advanced security measures protected its customers from this unprecedented cyber threat.
Internet infrastructure provider Cloudflare has successfully repelled a massive distributed denial-of-service (DDoS) attack that reached a staggering 3.8 terabits per second (Tbps) and 2.14 billion packets per second (PPS), the company’s CEO, Matthew Prince, confirmed. This unprecedented assault surpasses the previous record, a 3.47 Tbps DDoS attack with a packet rate of 340 million PPS encountered by Microsoft in November 2021.
Not all records you’re happy about breaking: @Cloudflare recently mitigated the largest ever reported hyper-volumetric #DDoS attack. 3.8 terabits per second (Tbps) and 2.14 billion packets per second (Bpps). Handled automatically and without any customer impact. Details to come. pic.twitter.com/SuHZsqCEFV
— Matthew Prince 🌥 (@eastdakota) October 1, 2024
The attack was part of a month-long hacking campaign that began in early September 2024. These attacks, designed to overwhelm a website or app with internet traffic, aimed to force Cloudflare’s customers offline. Over 100 volumetric DDoS attacks were launched during this period, with many exceeding 3 Tbps and mainly originating from Vietnam, Russia, Brazil, Spain, and the US.
The hackers utilized a botnet consisting of hijacked internet devices, including Asus and MikroTik routers, DVRs, and web servers.
“The high bitrate attacks appear to originate from a large number of compromised ASUS home routers, likely exploited using a CVE 9.8 (Critical) vulnerability that was recently discovered by Censys,” Cloudflare researchers noted.
The botnet leveraged the User Datagram Protocol (UDP) to generate massive amounts of traffic, overwhelming Cloudflare’s targets. The attacks were primarily focused on volumetric L3/4 DDoS, which aims to exhaust a target’s bandwidth and resources. The target was a customer of an unnamed hosting provider.
While the attacks were severe, Cloudflare was able to mitigate them without significant disruption to its customers. Cloudflare’s global network of individual servers and advanced traffic analysis systems were instrumental in mitigating the record-breaking attack. The company’s ability to distribute incoming traffic and filter out malicious data flow enabled it to effectively defend its customers.
The DDoS campaign targeted various industries, including finance, internet, and telecommunications. The company’s strong network and defence systems ensured that most customers experienced minimal downtime or service degradation.
Although Cloudflare successfully defended against this record-breaking DDoS attack, the incident highlights the growing sophistication of cyber threats and the importance of adopting reliable internet infrastructure.
The development of new attack techniques and accessible tools makes it easier for attackers to launch large-scale attacks. As online services continue to expand, the need for advanced security measures to protect against such attacks becomes increasingly critical.