Cloudflare has successfully mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted for 65 seconds. This unprecedented attack targeted various sectors, including financial services and telecommunications, highlighting the increasing threat posed by cybercriminals.
Key Takeaways
Cloudflare mitigated a DDoS attack peaking at 3.8 Tbps.
The attack lasted for 65 seconds and targeted multiple industries.
The previous record was 3.47 Tbps in November 2021.
The high-bitrate attacks are likely linked to a large botnet exploiting a critical vulnerability in ASUS home routers (CVE-2024-3080).
Volumetric DDoS attacks rose by 30% in the first half of 2024.
Overview Of The Attack
The attack, which occurred in early October 2024, was part of a series of hyper-volumetric L3/4 DDoS attacks that Cloudflare has been monitoring since September. The company reported that it faced over one hundred such attacks throughout the month, many of which exceeded 2 billion packets per second (Bpps) and 3 Tbps.
The previous record for the largest volumetric DDoS attack was 3.47 Tbps, which targeted a Microsoft Azure customer in Asia in November 2021. The recent attack's scale underscores the evolving tactics of cybercriminals and the need for robust cybersecurity measures.
Attack Characteristics
The DDoS attack utilized the User Datagram Protocol (UDP) on a fixed port, with packet floods originating from various countries, including:
Vietnam
Russia
Brazil
Spain
The United States
These attacks involved compromised devices such as MikroTik routers, DVRs, and web servers. Cloudflare indicated that the high bitrate attacks likely stemmed from a large botnet exploiting a critical vulnerability in ASUS home routers (CVE-2024-3080), which has a CVSS score of 9.8.
Impact On Industries
The financial services, internet, and telecommunications sectors were particularly targeted, reflecting a broader trend in DDoS attacks. According to NETSCOUT, these sectors have experienced a 55% increase in DDoS attacks over the past four years, with a 30% rise in volumetric attacks in the first half of 2024 alone.
Challenges In Mitigation
Cloudflare emphasized the challenges of defending against such high packet rate attacks. Effective mitigation requires the ability to inspect and discard malicious packets while preserving CPU resources for legitimate traffic. Many cloud services and on-premise equipment lack the capacity to handle attacks of this magnitude, leading to potential service disruptions.
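The traffic pattern described above (UDP to one fixed destination port, from many sources, at very high packet and bit rates) can be flagged from per-second flow summaries before deciding what to discard. The following is an added example, not code from Cloudflare or the original article; the record layout, thresholds, port number and addresses are constructed assumptions.

```python
from collections import defaultdict

# Constructed flow summaries, one per source per second:
# (epoch_second, src_ip, dst_ip, proto, dst_port, packets, bytes)
# Addresses come from documentation ranges; port 9999 is an arbitrary stand-in.
def sample_flows():
    flows = []
    # 40 sources sending UDP to the same fixed port during second 100
    for i in range(40):
        flows.append((100, f"198.51.100.{i + 1}", "203.0.113.10",
                      "udp", 9999, 50_000, 50_000 * 1200))
    # Ordinary background traffic that must not be flagged
    flows.append((100, "192.0.2.7", "203.0.113.10", "udp", 53, 20, 1_600))
    flows.append((100, "192.0.2.8", "203.0.113.10", "tcp", 443, 300, 240_000))
    flows.append((101, "192.0.2.7", "203.0.113.10", "udp", 53, 25, 2_000))
    return flows

def detect_udp_fixed_port_floods(flows, pps_limit=1_000_000,
                                 bps_limit=5_000_000_000, min_sources=20):
    """Flag (second, dst, port) buckets that look like a distributed UDP flood.

    A bucket is flagged when at least min_sources distinct senders hit the
    same UDP destination port and the packet rate or bit rate exceeds its
    limit. The limits are assumptions to tune against the protected link.
    """
    buckets = defaultdict(lambda: {"pkts": 0, "bytes": 0, "srcs": set()})
    for ts, src, dst, proto, dport, pkts, nbytes in flows:
        if proto != "udp":
            continue
        b = buckets[(ts, dst, dport)]
        b["pkts"] += pkts
        b["bytes"] += nbytes
        b["srcs"].add(src)

    alerts = []
    for (ts, dst, dport), b in sorted(buckets.items()):
        bps = b["bytes"] * 8  # bytes per one-second bucket -> bits per second
        over_rate = b["pkts"] >= pps_limit or bps >= bps_limit
        if over_rate and len(b["srcs"]) >= min_sources:
            alerts.append({"second": ts, "dst": dst, "port": dport,
                           "pps": b["pkts"], "bps": bps,
                           "sources": len(b["srcs"])})
    return alerts

if __name__ == "__main__":
    for alert in detect_udp_fixed_port_floods(sample_flows()):
        print(alert)
```

Checking packet rate and bit rate separately matters because a flood of small packets can exhaust per-packet processing long before it fills the link.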
The Rise Of DDoS Attacks
The surge in DDoS attacks is attributed to various factors, including hacktivist activities targeting global organizations. The use of DNS-over-HTTPS (DoH) for command-and-control operations complicates detection and mitigation efforts. NETSCOUT noted that distributed botnet infrastructures make defense harder still, as both inbound and outbound activity from infected systems must be managed.
Future Considerations
As the threat landscape evolves, organizations are advised to enhance their cybersecurity measures. Recently discovered vulnerabilities in the Common UNIX Printing System (CUPS) could also serve as a vector for DDoS attacks, with researchers warning that a significant number of devices are potentially exploitable.
Organizations should consider removing unnecessary services like CUPS and implementing firewalls to protect against potential threats. The ongoing evolution of DDoS tactics necessitates a proactive approach to cybersecurity, ensuring that defenses are robust enough to withstand future attacks.
Sources
Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors, The Hacker News.