It is the largest HTTP DDoS attack reported to date; more than 35% higher than the previous 46-million-request DDoS attack that Google Cloud thwarted in June 2022.
Cloudflare acts as a shield between the Internet and its customers' websites, filtering out harmful traffic. According to the company, the attacks singled out websites that it was protecting. The attack emanated from a botnet comprising more than 30,000 IP addresses that belonged to “numerous” cloud providers.
Some of the attacked websites included a popular gaming provider, cryptocurrency companies, hosting providers, and cloud computing platforms.
The number of HTTP DDoS attacks has increased by 79% year-on-year.
“This record-breaking distributed denial-of-service attack is another clear sign that cyber criminals are increasingly emboldened to launch large-scale, hyper-volumetric attacks, with the aim of causing maximum damage to websites and online infrastructure,” says Anna Collard, SVP of content strategy at KnowBe4 Africa.
“One of the tell-tale signs that you might be under a DDoS attack is if a site or service suddenly becomes slow or non-responsive. But since a legitimate spike in traffic could create similar performance issues, further investigation is usually required. The more complex the attack, the more difficult it will be to identify and separate it from normal traffic.”
Martin Potgieter, co-founder and technical director at Nclose, says: “While DDoS attacks have been around for a while, it’s not often that we read about them, certainly less so than ransomware attacks.
“DDoS attacks typically required continued effort and with that comes an associated cost (i.e., rental of a botnet for the duration of the attack), while ransomware requires just the initial effort to encrypt and/or exfiltrate data.
“This means in most cases it will cost more for an attacker to carry out a DDoS attack but cyber criminals constantly work in this complex ecosystem with an end goal to make money. With a drop in the number of organisations that are actually paying ransoms when they are attacked with ransomware, DDoS cannot be ruled out as a mechanism that they will evolve to.”
Unlike ransomware attacks, DDoS attacks don’t require an actual system intrusion or foothold within the targeted network. They’re more like a hit-and-run attack.
Successfully mitigating DDoS attacks requires a variety of strategies, including notifying your internet service provider as soon as possible. Firewalls and routers should be configured to reject bogus traffic and spoofed IP addresses.
Cyber criminals generally target specific industries, so many organisations may not have DDoS attacks high up on their risk registers.
As the size and frequency of DDoS attacks continue to increase, it’s crucial for businesses to take a proactive approach to security, implementing layered security defences and regularly stress-testing their web infrastructure to ensure it can withstand such attacks.
Says Collard: “We cannot afford to think of this problem purely through the lens of ‘ransomware’. This is an extortion crime. DDoS attacks are on the rise and are going to grow in complexity.”