
"DDoS detection tool FastNetMon detected a DDoS attack of 1.5 billion packets per second. The target: a European provider of DDoS scrubbing services. The attack is one of the largest DDoS attacks ever, but still falls far short of the 11.5 billion packets recently detected by Cloudflare. The choice of target is striking in any case: the DDoS attack was aimed at a service that protects other organizations against the consequences of such a 'packet flood.'"
"The malicious traffic originated from more than 11,000 unique networks worldwide. These consisted mainly of compromised customer-premises equipment (CPE), including IoT devices and routers. In other words, many IP addresses of unsuspecting users were unintentionally complicit. UDP floods formed the basis of the attack. This protocol is often abused because it does not require a handshake like TCP and is therefore easier to spoof. The combination of massively hijacked equipment and an efficient attack protocol made the scale of the attack possible."
"The timing of the announcement is striking. Just a few days ago, Cloudflare reported a record-breaking 11.5 Tbps DDoS attack. That was double the size of a previous DDoS attack reported by the same company earlier this year. Unsurprisingly, FastNetMon is enthusiastic about its own Advanced platform, which detected the attack. Thanks to 'optimized C++ algorithms for real-time network visibility,' FastNetMon detected the attack within seconds. This rapid response prevented service outages that would otherwise have affected the victim."
A 1.5 billion packets-per-second DDoS targeted a European DDoS scrubbing provider and was detected by FastNetMon. Malicious traffic came from more than 11,000 unique networks, mainly compromised customer-premises equipment such as IoT devices and routers, causing many users to be unwittingly complicit. Attackers relied on UDP floods, which are easier to spoof because they do not require a TCP-style handshake. FastNetMon's Advanced platform used optimized C++ algorithms for real-time network visibility to detect the attack within seconds and prevent outages. The incident is seen as part of a dangerous trend, prompting recommendations for ISP-level detection to block outgoing attack traffic.
Read at Techzine Global