The attack on European servers peaked at around 400 gigabits per second.
The attack, targeting one of CloudFlare's clients, peaked yesterday "just shy" of 400 gigabits per second, the company's CEO Matthew Prince told PCMag. In comparison, last year's record-breaking attack on Spamhaus reached 300 Gbps. A "normal" DDoS attack that might take down a bank website, for instance, is around 50 Gbps.
"The attack wasn't extraordinary except that it was quite large," Prince said.
Attackers leveraged weaknesses in the Network Time Protocol (NTP), which is used to synchronize computer clocks, to flood the European servers with data. While researchers have long-predicted that NTP might someday become a vector for DDoS attacks, the trend has only recently become popular, causing an issue for some gaming websites and service providers, CloudFlare wrote in a blog post last month.
"This vector has been rising in popularity over the last 6 months and is now responsible for some of the largest attacks we mitigate across our network," Prince said. "NTP amplification takes advantage of misconfigured network time servers (the systems used to synchronize clocks across servers)."
Monday's attack targeted a single customer, but it was so large that it affected CloudFlare's entire global network. The company did not reveal which of its customers was targeted.
"We were able to mitigate the attack but did see network congestion (slowness) in Europe at the peak of the attack," Price said.
DDoS attacks aim to overload a victim's servers by flooding them with more data than they can handle. Such attacks can disrupt a victim's business, or knock its website offline.
No comments:
Post a Comment