As per recent media reports, Cloudflare has successfully disclosed the mitigation of a record-breaking distributed denial-of-service (DDoS) attack. The DDoS Cloudflare attack, at its peak, was 3.8 terabits per seconds (Tbps) and had a duration of around 65 seconds. In this article, we’ll dive into the details of the attack and determine how it was successfully mitigated. Let’s begin! 

The DDoS Cloudflare Attack Uncovered

Before we dive into the details of the DDoS Cloudflare attack, it’s worth mentioning that the web infrastructure and security company has experienced hyper-volumetric L3/4 DDoS attacks since early September 2024. These malicious activities have not been attributed to any threat actor, and key targets include customers across various sectors, such as:

• Internet. 
• Financial Services.
• Telecommunication.

Commenting on these attacks, Cloudflare has stated that it has mitigated: 

“Over one hundred hyper-volumetric L3/4 DDoS attacks throughout last month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (Tbps).”

Prior to the largest ever DDoS Cloudflare attack, the most severe one was identified in November 2021. That attack peaked at 3.47 Tbps and targeted an unnamed customer of Microsoft Azure in Asia. The DDoS Cloudflare attack series is likely originating from a large botnet that includes compromised ASUS home routers. 

The web security and infrastructure company has also mentioned that these routers are being exploited via a flaw tracked as CVE-2024-3080. It’s worth noting that the flaw has a critical vulnerability severity score (CVSS) of 9.8.

DDoS Attack Arsenal And End Goal

As per recent reports, the DDoS Cloudflare attack leverages the User Datagram Protocol (UDP) protocol on a fixed port. A majority of the packets involved in the attack originated from multiple countries that include:  

• Brazil.
• Spain.
• Russia. 
• Vietnam. 
• The U.S.

In addition, the compromised devices used to initiate the attack mainly include MikroTik devices, DVRs, and web servers. Reports have cited Cloudflare elaborating on the end goal of the attacks. According to the company, the DDoS Cloudflare attack series aims to exhaust the bandwidth and CPU cycles of a target network, preventing access for legitimate users. 

Attack Mitigation Insights 

Understanding the insights retrieved from the DDoS Cloudflare attack mitigation is essential for those keen on developing a security strategy to ensure protection. When it comes to defending against high packet rate attacks, it’s essential to inspect and discard bad packets. 

In doing so, the CPU cycles should be kept to a minimum so good packets can be processed. Providing further insights pertaining to mitigation efforts, Cloudflare has stated that:  

“Many cloud services with insufficient capacity, as well as the use of on-premise equipment, are not sufficient to defend against DDoS attacks of this size, since the high bandwidth utilization that can clog up Internet links and due to the high packet rate that can crash in-line appliances.”

Conclusion 

Cloudflare’s successful mitigation of a record-breaking DDoS attack highlights the escalating threats faced by global sectors like internet, finance, and telecommunications. Leveraging insights from this incident is crucial for enhancing cybersecurity strategies against evolving threats targeting bandwidth and CPU resources worldwide. 

In addition, using robust cybersecurity measures is also necessary as it can help lower risk exposure and can improve the security posture. 

The sources for this piece include articles in The Hacker News and The Cloudflare Blog.

The post Largest DDoS Cloudflare Attack On Global Sectors Mitigated appeared first on TuxCare.

*** This is a Security Bloggers Network syndicated blog from TuxCare authored by Wajahat Raja. Read the original post at: https://tuxcare.com/blog/largest-ddos-cloudflare-attack-on-global-sectors-mitigated/