Cloudflare announced that it has automatically mitigated the largest ever reported hyper-volumetric DDoS attack. The scale of the attack peaked at 3.8 terabits per second (Tbps), and lasted about 65 seconds.
This announcement comes as Cybersecurity Awareness Month launches, reflecting Cloudflare’s ongoing commitment to build a better Internet.
Since early September, Cloudflare’s DDoS protection systems have been automatically combating a month-long campaign, mitigating over one hundred hyper-volumetric L3/4 DDoS attacks (with many exceeding 2 Bpps and 3 Tbps). Additional main takeaways below:
- No industry is immune: The campaign targeted multiple customers in critical industries like financial services, Internet, and telecommunication.
- Attacks have no borders: The attack originated from countries across the globe with larger shares coming from Vietnam, Russia, Brazil, Spain, and the U.S.
- Compromised devices wreak havoc: The attacks originated from any type of compromised device the attacker could get their hands on, including MikroTik devices, DVRs, and Web servers.
The team will be releasing info throughout the month of October on additional attacks blocked, tips for CISOs/security practitioners and new products to help the industry stay ahead of threat actors.