Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
The Internet

Cloudflare Blocks Largest Recorded DDoS Attack Peaking At 3.8Tbps (bleepingcomputer.com) 8

BleepingComputer's Ionut Ilascu reports: During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second, the largest publicly recorded to date. The assault consisted of a "month-long" barrage of more than 100 hyper-volumetric DDoS attacks flooding the network infrastructure with garbage data. In a volumetric DDoS attack, the target is overwhelmed with large amounts of data to the point that they consume the bandwidth or exhaust the resources of applications and devices, leaving legitimate users with no access.

Many of the attacks aimed at the target's network infrastructure (network and transport layers L3/4) exceeded two billion packets per second (pps) and three terabits per second (Tbps). According to researchers at internet infrastructure company Cloudflare, the infected devices were spread across the globe but many of them were located in Russia, Vietnam, the U.S., Brazil, and Spain. The threat actor behind the campaign leveraged multiple types of compromised devices, which included a large number of Asus home routers, Mikrotik systems, DVRs, and web servers. Cloudflare mitigated all the DDoS attacks autonomously and noted that the one peaking at 3.8 Tbps lasted 65 seconds.

This discussion has been archived. No new comments can be posted.

Cloudflare Blocks Largest Recorded DDoS Attack Peaking At 3.8Tbps

Comments Filter:
  • like individual ISPs should be suspending accounts of people who's systems are causing mayhem. You can't tell me Comcast and the like don't see this traffic and can't do anything about it. As far as Russia, I doubt anything of value would be lost if we just blocked any packets originating in Russia. Period.

    • Great Canon (Score:5, Interesting)

      by will4 ( 7250692 ) on Thursday October 03, 2024 @07:54PM (#64838405)

      Opened a wifi on mobile device at a friend's home recently and there was a LG dishwasher, an internet connected oven and other devices nearby within maybe 100 feet. Not to mention 20 or more routers and other devices many of which will not have any firmware updates after 5 years.

      https://en.wikipedia.org/wiki/... [wikipedia.org]

      The Great Cannon of China is an Internet attack tool that is used by the Chinese government to launch distributed denial-of-service attacks on websites by performing a man-in-the-middle attack on large amounts of web traffic and injecting code which causes the end-user's web browsers to flood traffic to targeted websites.[1] According to the researchers at the Citizen Lab, the International Computer Science Institute, and Princeton University's Center for Information Technology Policy, who coined the term, the Great Cannon hijacks foreign web traffic intended for Chinese websites and re-purposes them to flood targeted web servers with enormous amounts of traffic in an attempt to disrupt their operations. While it is co-located with the Great Firewall, the Great Cannon is "a separate offensive system, with different capabilities and design."[2]

      • by unrtst ( 777550 )

        ... and when that happens, the traffic generated comes from the device that was compromised, generating what we're assuming is a noticeable amount of traffic within the ISP. IE: do comcast and the like see and detect this traffic or not? I don't see any reason why they wouldn't notice it and be able to shut off those user accounts, or block the offending streams of traffic, or at least throttle them (they throttle people all the time for downloading too much).

  • by ZenShadow ( 101870 ) on Thursday October 03, 2024 @06:42PM (#64838277) Homepage

    Just file criminal charges against the involved IP addresses under CFAA. Yes, against the actual IP addresses, not the people using them.

    It works for the police when they confiscate money, right? They can confiscate the offending IP's and never return them. Problem solved!

    Or something.

    For the sarcasm-impaired: /s.

  • Where can I buy one of these 3.8Tbps routers?

  • Cloudflare can do all this, and yet somehow not a single human was inconvenienced, nor did they have to fill in endless captchas. /s

"Hello again, Peabody here..." -- Mister Peabody

Working...