Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Network IT services and DDoS mitigation firm Cloudflare has thwarted the largest distributed denial-of-service (DDoS) attack ever recorded.
The attack, which reached a peak of 5.6 terabits per second, occurred on 29 October 2024 and came from a Mirai-based botnet made of 13,000 devices.
Cloudflare said the incident, which lasted 80 seconds, aimed to bring down the operations of an eastern Asian internet service provider. However, thanks to its mitigation, Cloudflare said that the incident had no effect on the targeted ISP.
The ISP was a customer of Cloudflare’s “Magic Transit” service, which it said “offers cloud-based DDoS protection for public-facing infrastructure.” The company said mitigating the incident was entirely autonomous and required no human intervention.
“Detection and mitigation were fully autonomous by Cloudflare’s distributed defence systems. It required no human intervention, didn’t trigger any alerts, and didn’t cause any performance degradation. The systems worked as intended,” Cloudflare said in its blog.
The incident closely followed another major DDoS attack in early October that peaked at 3.8 terabits per second, which granted it the record for the largest volumetric assault. This incident lasted for 65 seconds.
Considered one of the top DDoS protection services in the world, Cloudflare said that in 2024, its autonomous DDoS defence systems mitigated roughly 21.3 million DDoS attacks, a 53 per cent increase compared to the previous year.
“On average, in 2024, Cloudflare blocked 4,870 DDoS attacks every hour,” it said.
According to the company’s report, Indonesia is the largest source of DDoS attacks, holding the title from the previous quarter. Hong Kong and Singapore filled the rest of the podium.
The company also noted that Cloudflare customers reported competitors as the most common threat, making up 40 per cent of incidents. However, Cloudflare said this includes those who were unsure of who attacked them.
State-sponsored threats followed in second (17 per cent), level with disgruntled customers and users.
Despite this, Cloudflare reported a spike in ransom DDoS attacks in the final quarter of 2024. Q4 saw 12 per cent of Cloudflare customers who suffered DDoS attacks reporting incidents of extortion for a ransom payment, a 78 per cent increase from the previous quarter and a 25 per cent year-on-year growth.
“This spike was predictable, given that Q4 is a prime time for cyber criminals, with increased online shopping, travel arrangements, and holiday activities,” said Cloudflare.
“Disrupting these services during peak times can significantly impact organisations’ revenues and cause real-world disruptions, such as flight delays and cancellations.”
Be the first to hear the latest developments in the cyber industry.
