Cloudflare has blocked a DDoS attack that reached a volume of 11.5 Tbps during a short peak.
Cloudflare reports that it has blocked a DDoS attack with a volume of 11.5 Tbps. This is a record. The previous record dates from June, with an attack that reached 7.3 Tbps. These figures show that so-called hypervolume attacks are becoming more common.
Misleading Information
Cloudflare shared the news on X, and in true style of Elon Musk’s social media platform, it was too brief and spread incorrect information itself. The company communicated that the flood of UDP packets primarily originated from Google Cloud.
Google was not amused by this, especially because it wasn’t true. With an update, Cloudflare set the record straight: the attack originated from various IoT and cloud providers. While Google Cloud was indeed a source, it was not responsible for the majority of the traffic.
The attackers couldn’t maintain the immense volume for long. The 11.5 Tbps torrent of malicious traffic lasted for 35 seconds. Cloudflare was able to mitigate the entire attack.
Botnets
Criminals use hacked devices and environments to set up such attacks. This can involve poorly secured IoT devices, but also poorly configured cloud environments. These are interesting for attackers, as they provide access to the powerful infrastructure of cloud providers and their associated immense network capacity. Large attacks typically originate from a combination of hacked ‘zombie’ environments, bundled into botnets.