Cloudflare Mitigated New Record-Breaking DDoS Attack of 3.8 Tbps

Summary:
Cloudflare has reported a sharp increase in the frequency and size of Distributed Denial of Service (DDoS) attacks beginning in early September. Over that period the company mitigated more than 100 hyper-volumetric Layer 3 and Layer 4 DDoS attacks, many of which exceeded 2 billion packets per second (Bpps) and 3 terabits per second (Tbps). The largest of them peaked at 3.8 Tbps, which is the largest DDoS attack ever publicly disclosed by any organization.

Cloudflare's report emphasized that detection and mitigation were fully automated: the attacks were handled autonomously, without human intervention, and customers saw no service disruption during them. Automated mitigation of this kind is what makes a response fast enough to matter against attacks that ramp to multiple terabits per second within seconds.

Security practitioners have raised concerns about the scale and frequency of these attacks. Floods of this size overwhelm any internet-facing infrastructure that is not fronted by mitigation capacity larger than the attack, and the organizations most at risk are those relying on on-premises protection alone.

The recent wave of attacks predominantly targeted the financial services, telecommunications and internet service provider sectors, all of which are highly sensitive to disruption. Most of the attacks consisted of User Datagram Protocol (UDP) traffic sent from compromised devices worldwide, with the largest sources identified in Vietnam, Russia, Brazil, Spain and the United States. The geographic spread shows that attackers are exploiting vulnerable devices across many regions to assemble botnets capable of these volumes.

Security Officer Comments:
Investigation of these incidents found that the high packet rate attacks mostly originate from compromised MikroTik devices, digital video recorders (DVRs) and web servers, which together can generate billions of small packets per second. The high bitrate attacks are instead associated with compromised ASUS home routers, likely exploited through CVE-2024-3080, a critical authentication flaw rated CVSS 9.8. The two measures stress different resources: a high packet rate exhausts the per-packet processing capacity of routers and firewalls, while a high bitrate saturates link capacity, so a defender needs to watch both. Unpatched consumer devices of this kind are an easy source of attack traffic, which is why a single router vulnerability can feed record-breaking attacks.
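To make the packet-rate versus bit-rate distinction concrete, the following added example (not Cloudflare's detection code, and not from the linked article) classifies per-second UDP counters by which resource they exhaust first. The per-second samples, the 100 Gbps link and the 150 Mpps forwarding capacity of the protected edge are all constructed assumptions; the two attack samples are sized to mirror the report's figures of roughly 2 Bpps for small-packet floods and roughly 3.8 Tbps for large-packet floods.

```python
"""Reason about a UDP flood in the two units the report uses: packets per
second (pps) and bits per second (bps). Added illustration with constructed
counters; not Cloudflare's detection logic."""
from dataclasses import dataclass

GBPS = 10**9
TBPS = 10**12


@dataclass(frozen=True)
class Sample:
    """One second of counters for a UDP destination port, in the shape a flow
    collector or edge router might export (constructed format)."""
    second: int
    dst_port: int
    packets: int
    byte_count: int

    @property
    def pps(self) -> int:
        return self.packets

    @property
    def bps(self) -> int:
        return self.byte_count * 8

    @property
    def avg_packet_bytes(self) -> float:
        return self.byte_count / self.packets if self.packets else 0.0


def saturating_pps(link_bps: int, packet_bytes: int) -> float:
    """Packet rate that fills a link at a given packet size. Ignores the
    Ethernet preamble and inter-frame gap, so it is slightly optimistic for
    tiny packets."""
    return link_bps / (packet_bytes * 8)


def classify(sample: Sample, link_bps: int, forward_pps: int,
             overload: float = 1.0) -> str:
    """Which resource the traffic exhausts first: the link (bit rate) or the
    device's packet-forwarding capacity (packet rate). `overload` is the
    utilisation ratio above which we call it an attack (1.0 = at capacity)."""
    bit_ratio = sample.bps / link_bps
    pkt_ratio = sample.pps / forward_pps
    if max(bit_ratio, pkt_ratio) < overload:
        return "normal"
    return "packet-rate flood" if pkt_ratio > bit_ratio else "bit-rate flood"


# Constructed window: 3 s of normal traffic, then a small-packet flood, then a
# large-packet flood, all aimed at the same UDP port.
SAMPLES = [
    Sample(0, 443, 50_000, 50_000 * 512),
    Sample(1, 443, 52_000, 52_000 * 500),
    Sample(2, 443, 48_000, 48_000 * 520),
    Sample(3, 443, 2_000_000_000, 2_000_000_000 * 64),    # ~2 Bpps, ~1 Tbps
    Sample(4, 443, 316_000_000, 316_000_000 * 1500),      # ~0.32 Bpps, ~3.8 Tbps
]

# Assumed protected edge: a 100 Gbps link behind a device forwarding 150 Mpps.
LINK_BPS = 100 * GBPS
FORWARD_PPS = 150_000_000


def report(samples=SAMPLES, link_bps=LINK_BPS, forward_pps=FORWARD_PPS):
    """Return (second, Tbps, Bpps, avg packet bytes, verdict) per sample."""
    rows = []
    for s in samples:
        rows.append((s.second,
                     round(s.bps / TBPS, 3),
                     round(s.pps / 1e9, 3),
                     round(s.avg_packet_bytes),
                     classify(s, link_bps, forward_pps)))
    return rows


if __name__ == "__main__":
    print(f"64-byte packets fill 100 Gbps at {saturating_pps(LINK_BPS, 64):,.0f} pps")
    for row in report():
        print(row)
```

The point the output makes is that the two records are not the same attack measured twice: a 64-byte flood at 2 Bpps carries only about 1 Tbps but exceeds the forwarding capacity by a wider margin than it exceeds the link, whereas 1500-byte packets reach 3.8 Tbps at under a third of a billion packets per second. A mitigation sized only in Gbps can still be taken down by the first kind.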

The scale of these attacks surpasses all previous public records and has prompted serious discussion of whether current mitigation capacity is adequate. For context, the previous record for a volumetric DDoS attack was set by Microsoft, which reported an attack peaking at 3.47 Tbps with a packet rate of 340 million packets per second in November 2021. Before this campaign, the largest DDoS attack Cloudflare had recorded reached 2.6 Tbps, which underscores how quickly attacker capacity is escalating.

Cloudflare concluded its report by noting the implications of attacks at this volume. The bit and packet rates involved threaten not only unprotected internet properties but also those defended by conventional on-premises equipment or by cloud services that lack the capacity and global footprint to absorb such traffic while keeping legitimate traffic flowing.

Suggested Corrections:
Cloudflare's position is that mitigating attacks of this size requires a globally distributed network with capacity exceeding the attack, which it states it has and which allowed it to absorb and automatically mitigate these attacks. For operators of the device classes named above, patching ASUS routers against CVE-2024-3080 and limiting the internet exposure of MikroTik devices, DVRs and web servers reduces the pool of bots available to such campaigns.

Link(s):
https://securityaffairs.com/169305/hacking/new-record-breaking-ddos-attack-3-8-tbps.html