Global cybersecurity company Cloudflare found and halted record hyper-volumetric DDoS attacks this weekend, most peaking between 50 and 70 million requests per second (rps). The largest attack crossed the previous record of 46M rps in June 2022 by a staggering 35%. 

The attacks, which targeted Cloudflare-protected websites using HTTP/2 (a major revamp of the HTTP network), came from over 30,000 IP addresses, including cloud service providers, and affected various entities, such as game providers, cryptocurrency firms, hosting corporations, and cloud computing platforms. This comes less than two weeks since the ‘Killnet DDoS’ campaign that attacked websites for the healthcare industry.

To address the increase in attacks from cloud service providers in the past year, Cloudflare will offer a Botnet threat feed to service providers with their own autonomous systems, providing them with threat information on attacks originating in their IP space and autonomous system for free. 

Service providers managing their own IP space can register on the waiting list for early access.

Cyber Attacks on the Rise: Websites at Risk!

DDoS attacks have grown in scale, sophistication, and recurrence recently. According to reports, HTTP DDoS attacks have spiked by 79% year over year, volumetric attacks over 100 Gbps rose 67% quarter over quarter, and attacks over three hours are up 87% quarter over quarter. Additionally, Ransom DDoS attacks have increased all year and reached their pinnacle in November 2022, with one in four surveyed customers claiming to have faced such attacks or threats.

DDoS attacks are cyber attacks that overload a website, especially an unprotected one, with requests, making it inaccessible to visitors. Attackers frequently create larger and more complicated attacks using a botnet, which is a network of bots. 

Building and running a botnet needs tremendous resources and technical know-how to conduct a DDoS attack. However, using DDoS-as-a-Service platforms, which are offered for as little as $30 a month, anyone can still carry out a DDoS attack but the size and duration of the depend on the service’s price. Platforms for DDoS-as-a-Service can be purchased for less than $30 per month.