Website security company Cloudflare announced on Thursday that it has stopped the biggest DDoS attack in recorded history. Also called distributed denial of service attacks, DDoS attacks are an attempt to overload the bandwidth of a website or an internet service to take it down.
According to Cloudflare, the attack was launched last month by a Mirai botnet and targeted an unidentified customer in the financial sector. There were more than 17.2 million requests per second (rps) to disrupt network traffic — a number three times higher than previous attacks recorded by the company.
“To get a perspective on how big the attack was, Cloudflare serves, on average, more than 25 million HTTP requests per second,” the company explained in a statement about the attack. “With a peak of 17.2 million rps, the attack hit 68% of our average traffic rate in the second quarter of 2021.”
Brazil: one of the main pillars for the attack
In general, DDoS attacks originate in networks of malware-infected systems and act by amplifying requests to scale the onslaught. In this incident, attack traffic proliferated to more than 20,000 bots in 125 countries. Based on IP addresses, at least 15% of bots came from Indonesia, followed by India and Brazil, which together account for 17% of queries. Cloudflare also indicated that there is a large network of devices infected by malware in Brazilian soil.
The Mirai botnet, which characterized the attack, was born in 2016, when it became famous for leaving almost a million people without internet in Germany. Basically, this type of network targets iOT devices and takes advantage of flaws in firmware or access settings to turn the device into a bot and start attacks.
According to Cloudflare, attacks with Mirai, even with little resonance, have been frequent in recent weeks: in July alone, for example, the use of the botnet grew 88%. Even two weeks ago, a Mirai network was identified in Asia with the aim of targeting a game studio and an internet and telecommunications provider, but the procedure was unsuccessful.
To prevent such attacks on personal computers, Cloudfare advises the user to always change their name/password on devices such as smart-cameras and routers, in addition to enabling automated protection services. “In these cases, the attack ends before a security engineer has time to analyze your traffic or activate your standby DDoS protection system,” warns the company.
Have watched our new videos on YouTube? Subscribe to our channel!