The content delivery network (CDN) provider Cloudflare announced last week that it had detected and mitigated the “biggest denial of service (DDoS) attack in history.” The malicious campaign, which targeted an unnamed financial institution, took place in July.
According to the company, the attackers sent 17.2 million requests per second to the organization’s server in order to exhaust its processing capacity and make the service unavailable. That figure is three times the number of requests in the previous record.
All of this traffic came from a network of 20,000 devices infected by the Mirai malware. Mirai is known for breaking into IoT devices running Linux, such as routers, smart lamps and security cameras, by taking advantage of factory passwords that their owners never changed.
The Mirai network commanded the attack that was prevented by the company. Source: Cloudflare/Disclosure
Also according to Cloudflare, analysis of the IP addresses that sent the requests to the server showed that the Mirai botnet used infected devices in 125 countries. Brazil appears in third place on the list, with 7% of the devices hit by the malware, behind India (10%) and Indonesia (15%).
Affecting connected devices
Many people tend not to change the default access credentials of routers, cameras and other devices, which makes it easier for malware to compromise them. Once infected, the devices receive remote commands to attack targets chosen by cybercriminals.
Keeping Mirai-type bots out of Internet-connected devices is one way to mitigate malicious campaigns like the one that resulted in the biggest DDoS attack in history. To do so, the recommendation is to change the device’s username and password.
The network security company also said that volumetric attacks tend to be short-lived and difficult to detect, which requires greater attention from organizations.