Cloudflare mitigated dozens of hyper-volumetric DDoS attacks last weekend, most of them ranging from 50 to 70 million requests per second (RPS) – and the largest one exceeding 71 million RPS.
“This is the largest reported HTTP DDoS attack on record, more than 35 percent higher than the previous reported record of 46 million RPS in June 2022,” Cloudflare’s Omer Yoachimik, Julien Desgats and Alex Forster wrote.
The attacks, which originated from more than 30,000 different IP addresses, targeted websites including a gaming provider, cryptocurrency companies, hosting providers, and cloud computing platforms.
The record attack comes amid a recent surge in DDoS attacks, which have soared as ransomware attacks have declined, as more victims refuse to pay the ransom and data backup has improved.
DDoS attacks, on the other hand, don’t require infiltration to be effective and thus are growing in frequency and intensity.
DDoS Attack Traffic Surges
According to Cloudflare’s most recent DDoS threat report, the amount of HTTP DDoS attack traffic in the last quarter of 2022 surged by 79 percent year-over-year.
The number of attacks exceeding 100 Gbps were also up by 67 percent, the report found, and the number of attacks lasting more than three hours were up by 87 percent quarter-over-quarter.
Ransom DDoS attacks also increased steadily, with more than 16 percent of respondents saying they had received a threat or ransom demand as part of a DDoS attack in Q4 of 2022.
“Unlike ransomware attacks, ransom DDoS attacks don’t require an actual system intrusion or a foothold within the targeted network,” Yoachimik, Desgats and Forster wrote. “Usually, ransomware attacks start once an employee naively clicks on an email link that installs and propagates the malware. There’s no need for that with DDoS attacks. They are more like a hit-and-run attack. All a DDoS attacker needs to know is the website’s address and/or IP address.”
Some industries were hit harder than others, Cloudflare noted. HTTP DDoS attacks constituted fully 92 percent of traffic to education management companies; 73 percent of traffic to the information technology and services industry; and 73 percent of traffic to the public relations and communications industry.
More Powerful, Frequent and Complex
Separately, Radware this week released its 2022 Global Threat Analysis Report, which found that the number of DDoS attacks in 2022 surged by 150 percent worldwide compared to 2021.
“‘More’ is the operative word for the global threat landscape in 2022,” Radware director of threat intelligence Pascal Geenens said in a statement. “Compared to 2021, there were not only more DDoS attacks in terms of sheer number, but they were also more powerful, frequent and complex, spanning more attack vectors.
“The surge can be attributed in part to digitalization, the war in Ukraine, and a long tail of new vulnerabilities and exposed services driven by work-from-home remote access during Covid,” Geenens added.
Worldwide, organizations mitigated an average of 29.3 attacks per day during Q4 2022, more than three times as many as in Q4 2021, according to Radware. The largest recorded attack in 2022 was 1.46 Tbps, almost three times larger than the largest in 2021.
“In 2023, the democratization of DDoS and patriotic hacktivism will continue to drive an increase in smaller, more frequent attacks – a trend we are already seeing in the increased frequency of lower volume attacks in EMEA,” Geenens predicted. “At the same time, expect the cybercrime underground to become even better organized and funded in its pursuit of hard-hitting attacks.”