Cloudflare Blocks Largest Recorded DDoS Attack Peaking At 3.8Tbps (bleepingcomputer.com) 6
BleepingComputer's Ionut Ilascu reports: During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second, the largest publicly recorded to date. The assault consisted of a "month-long" barrage of more than 100 hyper-volumetric DDoS attacks flooding the network infrastructure with garbage data. In a volumetric DDoS attack, the target is overwhelmed with large amounts of data to the point that they consume the bandwidth or exhaust the resources of applications and devices, leaving legitimate users with no access.
Many of the attacks aimed at the target's network infrastructure (network and transport layers L3/4) exceeded two billion packets per second (pps) and three terabits per second (Tbps). According to researchers at internet infrastructure company Cloudflare, the infected devices were spread across the globe but many of them were located in Russia, Vietnam, the U.S., Brazil, and Spain. The threat actor behind the campaign leveraged multiple types of compromised devices, which included a large number of Asus home routers, Mikrotik systems, DVRs, and web servers. Cloudflare mitigated all the DDoS attacks autonomously and noted that the one peaking at 3.8 Tbps lasted 65 seconds.
Many of the attacks aimed at the target's network infrastructure (network and transport layers L3/4) exceeded two billion packets per second (pps) and three terabits per second (Tbps). According to researchers at internet infrastructure company Cloudflare, the infected devices were spread across the globe but many of them were located in Russia, Vietnam, the U.S., Brazil, and Spain. The threat actor behind the campaign leveraged multiple types of compromised devices, which included a large number of Asus home routers, Mikrotik systems, DVRs, and web servers. Cloudflare mitigated all the DDoS attacks autonomously and noted that the one peaking at 3.8 Tbps lasted 65 seconds.
Part of me feels... (Score:2)
like individual ISPs should be suspending accounts of people who's systems are causing mayhem. You can't tell me Comcast and the like don't see this traffic and can't do anything about it. As far as Russia, I doubt anything of value would be lost if we just blocked any packets originating in Russia. Period.
Great Canon (Score:4, Interesting)
Opened a wifi on mobile device at a friend's home recently and there was a LG dishwasher, an internet connected oven and other devices nearby within maybe 100 feet. Not to mention 20 or more routers and other devices many of which will not have any firmware updates after 5 years.
https://en.wikipedia.org/wiki/... [wikipedia.org]
The Great Cannon of China is an Internet attack tool that is used by the Chinese government to launch distributed denial-of-service attacks on websites by performing a man-in-the-middle attack on large amounts of web traffic and injecting code which causes the end-user's web browsers to flood traffic to targeted websites.[1] According to the researchers at the Citizen Lab, the International Computer Science Institute, and Princeton University's Center for Information Technology Policy, who coined the term, the Great Cannon hijacks foreign web traffic intended for Chinese websites and re-purposes them to flood targeted web servers with enormous amounts of traffic in an attempt to disrupt their operations. While it is co-located with the Great Firewall, the Great Cannon is "a separate offensive system, with different capabilities and design."[2]
The solution is simple. (Score:3)
Just file criminal charges against the involved IP addresses under CFAA. Yes, against the actual IP addresses, not the people using them.
It works for the police when they confiscate money, right? They can confiscate the offending IP's and never return them. Problem solved!
Or something.
For the sarcasm-impaired: /s.
Never mind the DDoS (Score:2)
Where can I buy one of these 3.8Tbps routers?