Cloudflare Blocks Record 5.6 Tbps DDoS Attack from Mirai Botnet

Cloudflare, a web infrastructure and security company, has detected and blocked a groundbreaking 5.6 Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, marking the largest such assault ever reported.

The UDP protocol-based attack occurred on October 29, 2024, targeting an internet service provider (ISP) in Eastern Asia. Originating from a Mirai-variant botnet, the assault involved over 13,000 compromised Internet of Things (IoT) devices.

The 13,000 source IP addresses that launched the 5.6 Tbps DDoS attack

Despite the massive scale of the attack, Cloudflare's autonomous defense systems successfully mitigated the threat without human intervention. The attack lasted a mere 80 seconds, with an average of 5,500 unique source IP addresses observed per second. Each IP address contributed approximately 1 Gbps to the total attack volume.

This record-breaking incident highlights the evolving landscape of cyber threats and the increasing sophistication of botnet-driven attacks. Cloudflare's report reveals a significant surge in DDoS attack volumes in 2024, with attacks exceeding 1 Tbps growing by an astounding 1,885% quarter-over-quarter.

Distribution of hyper-volumetric L3/4 DDoS attacks

The company blocked approximately 21.3 million DDoS attacks in 2024, representing a 53% increase from the previous year. In the fourth quarter alone, 6.9 million DDoS attacks were mitigated, demonstrating the persistent and growing threat of such cyber assaults.

Distribution of 6.9 million DDoS attacks

Key observations from Cloudflare's analysis include the prevalence of known DDoS botnets in HTTP attacks and the diversity of attack vectors. SYN floods, DNS flood attacks, and UDP floods emerged as the most common network layer attack methods.

The report also highlighted the emergence of new attack trends, including significant increases in Memcached DDoS attacks, BitTorrent DDoS attacks, and ransom DDoS attempts. These evolving tactics underscore the need for robust, adaptive cybersecurity measures.

Geographically, Indonesia, Hong Kong, and Singapore emerged as primary sources of DDoS attacks. The telecommunications, internet, and marketing sectors were among the most targeted industries, reflecting the broad impact of these cyber threats.

As cyber attackers continue to develop more sophisticated methods, Cloudflare emphasizes the critical importance of proactive, automated, and comprehensive DDoS protection strategies. The company's extensive global network, spanning 330 cities and capable of handling 321 Tbps of traffic, stands as a testament to the ongoing battle against increasingly complex cyber threats.

Found this article interesting? Keep visit thesecmaster.com, and our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium, and Instagram and subscribe to receive tips like this. 

You may also like these articles: Here are the 5 most contextually relevant blog posts: