Cloudflare says it has blocked a distributed denial-of-service (DDoS) attack that peaked at between 50 and 70 million requests per second (rps), at one point reaching 71 million rps. Cloudflare says that the attack “is the largest reported HTTP DDoS attack on record.” The record-breaking DDoS was just one of dozens of DDoS attacks over the weekend.
Note
- A lot of questions will surround this one as the number of requests per second (RPS) is 70 million, which is very large for TCP-based attacks. In the past, the largest DDoS attacks were made possible via amplification over UDP. We are not at the moment where this is possible with HTTP, as HTTP/2 is still a TCP-based session. It’s fairly difficult in the blog post from Cloudflare to understand the implications here, but it would stand to reason these are compromised hosts in cloud providers that are causing the attack. Cloudflare is offering ISPs (or maybe cloud providers themselves) a threat list to use. It’s smart to give it away for free as mitigating these large-scale attacks is probably costly on their infrastructure.
- DDoS attacks are hitting everyone. Check your logs to see if you’ve been affected. Then go back to service providers to make sure they are stopping them as agreed, or if they are slipping through. If you have staff or friends with advertised services on their home networks, they should also double-check. Then talk to their ISP about prevention. Hopefully the only impact seen is interrupting streaming services.