Over the Labor Day weekend Cloudflare stopped a record 11.5 Tbps distributed denial-of-service attack, surpassing a prior 7.3 Tbps peak by almost 60 percent. The attack was a hyper-volumetric User Datagram Protocol (UDP) flood lasting about 35 seconds and delivering over 5.1 billion packets per second. Traffic originated from a mix of compromised IoT devices and cloud provider accounts, with some sources traced to compromised Google Cloud accounts. Hyper-volumetric UDP floods saturate bandwidth and force targets to process packets and reply with ICMP "Destination Unreachable" messages for unused ports, rapidly exhausting compute resources. Cloudflare's global autonomous mitigation network neutralized the attack in real time without notable customer impact.
Over the Labor Day weekend, Cloudflare says it successfully stopped a record-breaking distributed denial-of-service (DDoS) attack that peaked at 11.5 terabits per second (Tbps). This came only a few months after Cloudflare blocked a then all-time high DDoS attack of 7.3 Tbps. This latest attack was almost 60% larger. According to Cloudflare, the assault was the result of a hyper-volumetric User Datagram Protocol (UDP) flood attack that lasted about 35 seconds. During that just more than half-minute attack, it delivered over 5.1 billion packets per second.
Hyper-volumetric UDP flood attacks are simple, but they're becoming more common and nasty. The assault seeks to overwhelm a target with an immense volume of UDP packets ranging from millions to billions of UDP packets per second. This works by saturating a target's bandwidth. In addition, since the target must process each packet and, for unused ports, typically respond with Internet Control Message Protocol (ICMP) "Destination Unreachable" ping messages, this quickly exhausts the target's compute resources.
Collection
[
|
...
]