The largest denial of service (DDoS) attack ever recorded is currently underway, warn Cloudflare, Google Cloud and Amazon Web Services (AWS). Companies experience hundreds of millions of requests per second.
DDoS attacks are among the least sophisticated and most common cyberattacks. They involve the massive sending of requests to a specific target, such as a website, with the aim of slowing down its performance or making it inaccessible, thus disrupting its normal functioning. In recent years, cybersecurity experts have noted an escalation in the intensity of these DDoS attacks, which are becoming more and more frequent.
The largest DDoS attack in history
Cloudflare, Google Cloud and AWS are unanimous, the attack began in August and “ still in progress » is the most important they have ever observed. The Mountain View firm saw an unprecedented peak of 398 million requests per second (rps). She assures that in just two minutes, she received more comments than Wikipedia during the entire month of September 2023.
Similar findings at AWS and Cloudflare, each repelling attacks worth Rp155 million and Rp201 million respectively. Last February, Cloudflare already announced that it had blocked an unprecedented DDoS attack, the peak of which was measured at 71 million requests per second. The company now reports an offensive “ three times larger than any previous attacks we have observed “. Some companies do not have the infrastructure necessary to withstand an attack of this magnitude.
Patches currently being deployed
For the moment, the perpetrators of the cyberattack are not known, but the three companies were able to identify how it was made possible. Cybercriminals exploited a flaw in the HTTP/2 protocol. Their technique, called “ Rapid Reset “, works by sending a series of requests for multiple data streams, followed immediately by a reset for each one.
The targeted system analyzes and reacts to each request, generating records for a request that is then reset or canceled. It wastes time and computing resources, even though no network data is sent back to the attacker.
AWS, Google Cloud, and Cloudflare coordinated their response, sharing information and mitigation strategies with other cloud providers and software maintainers. This cooperation has resulted in patches being developed, and businesses are now encouraged to check the security of their servers and apply these patches. But unfortunately, this solution will no longer be valid during future similar attacks.
Source : ZDNet