IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Cloudflare mitigates biggest ever HTTPS DDoS attack

A botnet generated over 212 million HTTPS requests from over 1,500 networks in 121 countries

Cloudflare automatically detected and mitigated a 26 million request per second (rps) DDoS attack, which it claims is the largest HTTPS DDoS attack on record.

The attack targeted a customer website using Cloudflare’s Free plan last week, the company revealed. The attack originated mostly from Cloud Service Providers instead of Residential Internet Service Providers, which the company said indicates the use of hijacked virtual machines and powerful servers to generate the attack, instead of much weaker Internet of Things (IoT) devices.

The 26M rps DDoS attack also originated from a small but powerful botnet of 5,067 devices. Each node generated around 5,200 rps at peak. Cloudflare compared this to a larger botnet of 730,000 devices it has been tracking. The larger botnet wasn’t able to generate more than one million requests per second, which is around 1.3 requests per second on average per device for example. On average, the 26M rps botnet was 4,000 times stronger due to its use of virtual machines and servers.

The company added that it’s worth noting the attack was over HTTPS. “HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection,” said Cloudflare. “Therefore, it costs the attacker more to launch the attack, and for the victim to mitigate it. We’ve seen very large attacks in the past over (unencrypted) HTTP, but this attack stands out because of the resources it required at its scale.”

Within less than 30 seconds, the botnet generated over 212 million HTTPS requests from over 1,500 networks in 121 countries. The top countries were Indonesia, the United States, Brazil and Russia, with about 3% of the attacks coming through Tor nodes. The top source networks were the French-based OVH, the Indonesian Telkomnet, the US-based iboss, and the Libyan Ajeel.

Related Resource

Understanding the economics of in-cloud data protection

Data protection solutions designed with cost optimisation in mind

Whitepaper cover with title below a gradient orange pixelated banner and text and graph belowFree Download

Cloudflare pointed out that its recent DDoS Trends report shows that most of the attacks are small, like cyber vandalism, However, even small attacks can severely impact unprotected Internet properties. It added that large attacks are growing in size and frequency, but remain short and rapid. Attackers concentrate their botnet’s power to try and wreak havoc with a single quick knockout blow, trying to avoid detection.

The company highlighted some of the record-breaking attacks it witnessed over the past year. In August 2021, it disclosed a 17.2M rps HTTP DDoS attack, and more recently in April 2022, a 15M rps HTTPS DDoS attack.

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Most Popular

Why convenience is the biggest threat to your security

Why convenience is the biggest threat to your security

8 Aug 2022
UK water supplier confirms hack by Cl0p ransomware gang

UK water supplier confirms hack by Cl0p ransomware gang

16 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022