Posted on February 14, 2023 at 8:41 PM
Several companies were targeted by a DDoS attack over the weekend
Distributed denial-of-service (DDoS) attacks have been on the rise. Over the weekend, a wide range of companies has been targeted by DDoS attacks, with one of these attacks being the largest one that has ever been recorded, according to researchers from Cloudflare.
Companies targeted by a DDoS attack
One of the largest DDoS attacks ever recorded happened over the weekend. The attack had a record-breaking HTTP/2-based DDoS that increased to over 71 million requests per second. The attack was significantly higher than the previous record of 46 million rps reported in June 2022. This attack reported last year was blocked by Google.
Attackers seem to be using more sophisticated tools to launch DDoS attacks and ensure that they impact the targets most. The largest DDoS attack launched over the weekend was followed by other attacks. The majority of the other attacks that happened around the same time peaked between 50 million and 70 million rps.
According to Cloudflare, the DDoS attacks that happened over the weekend originated from over 30,000 internet protocol (IP) addresses. These attacks targeted various businesses, such as gaming providers, hosting providers, crypto firms, and platforms providing cloud computing services.
These attacks followed a growing trend of network traffic that originated from cloud providers and not residential internet service providers (ISPs). The attack also shows that there has been a variety of typical tools that threat actors are using to launch these malicious campaigns. The threat actors use these tools to target internet of things (IoT) devices and home gateways that are transferred into botnets.
The researchers from Cloudflare also published a report noting that over the past year, there has been an increase in attacks from cloud computing service providers. The researchers said that the network traffic used to launch attacks during the weekend originated from a wide range of cloud providers.
Cloudflare researchers noted that there was a need for individuals and businesses to protect themselves from the rising number of DDoS attacks. Therefore, the company has released a free botnet to monitor attacks, with an early access waiting list already available.
There has been a significant increase in HTTP DDoS attacks that have overwhelmed websites with malicious traffic. Threat actor groups usually prefer these attacks because they are efficient for the malicious actors that want to run them.
The size of the botnet determines the size of the DDoS attack. When the botnet is large, the DDoS attack is also large. DDoS-as-a-service platform makes it easier for threat actors to launch an attack. These services save cybercriminals time and the costs of creating the botnet. Cloudflare said that the cost of these DDoS-as-a-service platforms is as low as $30 every month, which is a cheap option for cybercriminals.
DDoS attacks can be costly for the individuals and companies that have been targeted. Cybercriminals usually demand payment from the victims in return for stopping the high traffic inflow on these platforms. During the last quarter of 2022, Cloudflare said that a series of DDoS attacks targeted 16% of the victims compared to the 10% reported during the first quarter of 2022.
Russian threat actors have been launching DDoS attacks
Over the weekend, Cloudflare said that the DDoS attacks that happened were not related to the DDoS campaign targeting the US healthcare system launched by the KillNet hacking group.
The KillNet group has been linked to the attacks that targeted healthcare facilities in the US. These cybercriminals have targeted the University of Michigan, Stanford University, Duke University, and Cedars-Sinai.
The US Department of Health and Human Services published an advisory about the hacking threat that was posed by KillNet and the activities of the hackers on healthcare organizations.
During the fourth quarter of 2022, HTTP DDoS attacks increased by 79% year-over-year, with the volumetric attacks surpassing 100 Gb/s, representing a 67^ quarter-over-quarter increase. These attacks lasted over three hours and were up by 87% quarter-over-quarter.
Google has also played an instrumental role in fighting DDoS attacks. In June last year, the tech company blocked one of the largest DDoS attacks. During the same month, Cloudflare also halted this incident that generated 26 million rps, which was higher than the previous record of 15.3 million rps.