3.8 Terabits Per Second Makes For One Scary DDoS Attack
This Is Why You Patch Your Things!
Cloudflare has blocked a month long DDoS attack which peaked at 3.8 terabits per second, simultaneously aimed at a variety of financial services, internet, and telecommunications organizations. After all, if you have that much bandwidth, why go after a single target? This beats the previous record holder for awfulness, a mere 3.47 Tbps that was aimed at an Azure instance in Asia and which was eventually blocked by Microsoft. The new record holder spammed a specific UDP port with a huge amount of garbage and slowed networks to a crawl when it managed to get some traffic through.
If you are wondering how it happened, it is because companies and some users refuse to keep their IoT devices up to date. Indeed many companies get bored and simply stop supporting older devices, regardless of how many are still being used. The devices used in this attack ranged from Asus home routers to Mikrotik systems to DVRs, with the occasional insecure web server tossed in. The infected devices were mostly located in Russia, and Vietnam but the U.S made up almost 10%.
Patch all the things, now!
In a volumetric DDoS attack, the target is overwhelmed with large amounts of data to the point that they consume the bandwidth or exhaust the resources of applications and devices, leaving legitimate users with no access.
More Tech News From Around The Web
- Critical Ivanti RCE flaw with public exploit now used in attacks @ Bleeping Computer
- After 27 years, Tcl/Tk 9 finally arrives with 64-bit power and Zip file magic @ The Register
- Microsoft releases Office 2024, the latest buy-once-own-forever version of Office @ Ars Technica
- Java Ring: One Wearable To Rule All Authentications @ Hackaday
- OpenAI Gets $4 Billion Revolving Credit Line, Giving It More Than $10 Billion in Liquidity @ Slashdot
- WP Engine Sues WordPress for Libel, Extortion @ Slashdot
- Bank of America app glitch zeroes out people’s balances @ The Register