BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage News Cloudflare Detects a Record 71 Million Request-Per-Second DDoS Attack

Cloudflare Detects a Record 71 Million Request-Per-Second DDoS Attack

Bookmarks

On the weekend of 11th and 12th February, the USA-based NFL Super Bowl weekend, Cloudflare detected dozens of hyper-volumetrics DDoS attacks. These attacks peaked at 50-70 million requests per second (rps), with the highest at 71 million rps. This is the largest reported HTTP DDoS attack on record. This attack is 54% higher than the previous record registered in June 2022 with 46M rps.

                                  The peak of 71 million requests per second during the attack

The attacks were HTTP/2-based and originated from over 30000 IP addresses from numerous cloud providers. Cloudflare said it’s unlikely the attacks originated from the Killnet DDoS campaign that targets healthcare websites nor that is related to the US Super Bowl weekend.

The Distributed Denial of Service attack (DDoS) is a kind of cyber attack that aims to make the site unavailable for users. This kind of cyber attack is inexpensive for attackers and can be very efficient against unprotected websites.

                                  Schema to explain a DDoS attack

 

A DDoS attack is usually made with a flood of HTTP requests against the target website. An HTTP flood attack is a type of volumetric attack designed to overwhelm a target server with HTTP requests. With a sufficient amount of requests, the attacked website is unable to respond to normal traffic and the other requests become slow or out of service. To perform the attack, usually a large network of botnets is used: the attacker needs to orchestrate the botnet to bombard the attacked website. Creating this kind of botnet is not easy and requires a lot of investment and expertise, but an average user can pay about $30 per month to hire DDoS-as-a-service platforms.

The frequency and sophistication of DDoS attacks have been increasing over the months. Cloudflare reports an increase of 79% year-over-year in the amount of DDoS attacks. The number of volumetric attacks exceeding 100 Gbps grew by 67% quarter-over-quarter (QoQ) and by 87% QoQ of the attacks lasting more than three hours. The Ransom DDoS attacks increase as well through the year with a peak in November 2022.

                                  Ramson DDoS attacks and threats by quarter for 2021 and 2022

A possible explanation for this increase over the year is that it has become easier and cheaper to launch DDoS attacks. Unlike Ransomware attacks, which need a foothold such as an employee naively clicking an email with a malicious link that installs the malware and propagates it, DDoS attacks are more like hit-and-run attacks, where only the website address and/or the IP address are needed to perform the attack.

About the Author

Rate this Article

Adoption
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Community comments

  • Spelling error: Cloudflare v CloudFlare

    by Samantha Bobal,

    Your message is awaiting moderation. Thank you for participating in the discussion.

    Hello - also reached out via email but wanted to flag that it should be spelled Cloudflare instead of CloudFlare. Thank you!

  • Re: Spelling error: Cloudflare v CloudFlare

    by Roxana Bacila,

    Your message is awaiting moderation. Thank you for participating in the discussion.

    Hi Samantha,
    Thanks for reporting the typo, it is now fixed.
    Roxana Bacila
    Head of Editorial Operations
    InfoQ Enterprise Software Development Community

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

BT