It has been reported that web performance firm Cloudflare says it mitigated a record-breaking distributed denial of service (DDoS) attack last week that peaked at 26 million request per second (rps). It was caused by a small but powerful botnet of just 5,067 devices.
This attack didn’t originate from compromised low-bandwidth Internet of Things devices like many other DDoS or junk traffic attacks on websites, but rather from cloud service providers, according to Cloudflare.
That it came from cloud provider infrastructure suggests the attackers hijacked higher-bandwidth virtual machines and servers, the firm suggests.
This attack was over HTTPS, the secure version of the web, similar to a DDoS attack it mitigated in April. As the firm explains, HTTPS DDoS attacks are more computationally expensive for the attacker and victim due to the cost of establishing an encrypted Transport Layer Security (TLS) connection over the internet. Among other things, Cloudflare provides customers SSL/TLS certificates to website owners.
More information here:
Previous DDOS (Distributed Denial of Service) attacks utilized IoT (Internet of things devices) with less processing power and capabilities but substantial enough to generate the necessary traffic. Still, it required a significant amount in the hundreds of thousands to create the web traffic to disrupt the target.
As cybercriminal groups evolve their tactics, if they’ve accessed or created virtual machines with a more significant processing power than IoT devices, it will take fewer machines to mimic a similar result of the hundreds of thousands of IoT devices.
DDoS is one of the tools used in the cybercriminal group’s arsenal to disrupt services for organizations or services. As cybercriminals find new ways to generate an increased number of rps (request per service) from virtual machines or IoT devices, DDoS technology will also need to evolve to reduce the attack’s capability to protect its customers and clients.