There has been a surge in Internet traffic and DDoS attacks, and over time, the complexity of these attacks has been elevating. Amidst the COVID-19 pandemic, hackers are trying to find new and challenging ways to penetrate the network, as was witnessed by Cloudflare.
Massive DDoS attack on Cloudflare network
In late June, a four-day attack campaign was launched, involving more than 316,000 unique sending addresses, suggesting the count of victim bot devices.
- Cloudflare researchers reported a DDoS attack that exceeded 400-600 million packets per second (Pps), and that peaked multiple times above 700 million packets per second (Mpps), with a top peak of 754 Mpps.
- The attack employed a combination of three attack vectors over the TCP protocol: SYN floods, ACK floods, and SYN-ACK floods.
- This packet-based volumetric DDoS attack attempted to jam Cloudflare’s routers and data center appliances rather than flooding the in-bound data connections.
Recent volumetric DDoS attack
Volumetric DDoS attacks are the most common type of DDoS attack, and almost 65% of DDoS attacks are volumetric in nature.
- In mid-June 2020, Akami disclosed that one of its client, a large European bank using Akami’s hosted infrastructure, was targeted by the largest ever packets per second DDoS attack. The attack grew to the traffic levels to 418 Gbps within a few seconds and touched the peak size of 809 Mpps in approximately two minutes.
- In the same month, Amazon also disclosed that its AWS Shield service witnessed the largest DDoS attack, which maxed to the traffic of 2.3 Tbps in mid-February this year.
Recent DDoS trends
- Cloudflare researchers have observed a decrease in the size and duration of the network-layer DDoS attacks in Q1 2020 as compared to Q4 2019.
- Most recent DDoS attacks are localized, which implies that DDoS mitigation solutions also need to have widespread coverage across several geographical areas.