20.5k unique visitors in the last 3 days

Cloudflare Stops Huge DDoS Attack That Made 17mn Requests per Second

The content distribution and security business said the attack was three times greater than any previously reported.

The risk of distributed denial of service (DDoS) attacks should never be disregarded, as illustrated by news that Cloudflare, the US content distribution and security business, recently stopped an internet attack with the highest number of requests per second (RPS) ever recorded. A mind-boggling 17.2mn RPS were generated by a Mirai-powered botnet targeting an unnamed business in the financial services sector. To give a sense of scale, this is more than two-thirds of the average level of traffic that Cloudflare normally has to deal with in order to support 25 million websites worldwide. The attack lasted several minutes and generated 330mn requests in total using 20,000 bots across 125 countries. Cloudflare described the attack as “almost three times the size of any other reported HTTP DDoS attack”.

Volumetric DDoS attacks are designed to overwhelm the bandwidth of a specific network. They tend to rely on botnets assembled by infiltrating malware into computers, servers and IoT devices. The botnet in this particular attack has also been used to launch two other recent DDoS attacks, one against a telco and another against a gaming business. Analysis of the IP addresses shows that nearly 15 percent of the bots are located in Indonesia, and almost 10 percent are in India, indicating high levels of malware penetration in those countries.

The scale of this attack highlights why IoT manufacturers need to do a better job of securing their products. The Mirai malware often infects devices like security cameras by repeatedly attempting to use well-known default usernames and passwords created by manufacturers. New legislation proposed in the UK seeks to ban the use of default credentials by IoT manufacturers and other countries are likely to adopt similar rules.

You can read Cloudflare’s blog about this DDoS attack here.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email