How Cloudflare defeated a record-breaking 5.6 Tbps DDoS attack
"The systems worked as intended..."
Cloudflare has released details of a DDoS attack it claims is the largest ever recorded.
Two days before Halloween on October 29 2024, it mitigated a 5.6 terabit-per-second (Tbps) DDoS attack which targeted an internet service provider in eastern Asia.
Originating from a Mirai-variant botnet made up of more than 13,000 Internet of Things (IoT) devices, the assault lasted 80 seconds.
Cloudflare’s autonomous DDoS defence systems detected and neutralised the threat without human intervention, ensuring uninterrupted service for the affected client.
The incident underscores a broader trend in the cyber threat landscape. In the fourth quarter of 2024 alone, Cloudflare mitigated 6.9 million DDoS attacks, reflecting a 16% increase from the previous quarter and an 83% rise compared to the same period in 2023.
Notably, more than 420 of these attacks were classified as hyper-volumetric, each exceeding rates of 1 billion packets per second and 1 Tbps. The number of attacks surpassing 1 Tbps surged by an alarming 1,885% quarter-over-quarter.
DDoS attacks aim to overwhelm targeted servers with massive volumes of internet traffic, rendering websites and online services inoperative.
The increasing frequency and scale of these attacks highlight the critical importance of robust cybersecurity measures and the need for continuous development of automated defence systems to protect against evolving threats.
The telecommunications industry leapt from third place to become the most targeted field, with the internet sector in second place.
In 2024, Cloudflare mitigated around 21.3 million DDoS attacks — representing a 53% increase compared to 2023. On average, Cloudflare mitigated 4,870 DDoS attacks every hour in 2024.
Last year, Cloudflare’s autonomous DDoS defense systems blocked around 21.3 million DDoS attacks, representing a 53% increase compared to 2023. On average, in 2024, Cloudflare blocked 4,870 DDoS attacks every hour.
Cloudflare wrote: "On October 29, a 5.6 Tbps UDP DDoS attack launched by a Mirai-variant botnet targeted a Cloudflare Magic Transit customer, an Internet service provider (ISP) from Eastern Asia. The attack lasted only 80 seconds and originated from over 13,000 IoT devices.
"Detection and mitigation were fully autonomous by Cloudflare’s distributed defense systems. It required no human intervention, didn’t trigger any alerts, and didn’t cause any performance degradation. The systems worked as intended."
Have you got a story or insights to share? Get in touch and let us know.
