CDN (opens in new tab) provider Cloudflare has revealed it recently blocked one of the largest HTTPS DDoS attacks ever seen.
Comprised of 15.3 million requests per second (RPS), the assault isn’t the largest application-layer attack on record, but it is one of the largest in the HTTPS category.
HTTPS DDoS attacks are usually more expensive, and require more computing power, as establishing a secure TLS encrypted connection is costlier, the company explained.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.
DeFi projects in the crosshairs
The victim was a Cloudflare customer operating a crypto launchpad, which surface Decentralized Finance (DeFi) projects to potential investors.
The attack itself lasted approximately 15 seconds, and was launched by a known botnet. Out of 6,000 unique endpoints used in this attack, most of them came from data centers. The majority (15%) were located in Indonesia, with large numbers also hailing from Russia, Brazil, India, Colombia, and the US.
A total of 1,300 different networks were employed for the attack. The top networks included the German provider Hetzner Online GmbH, Azteca Comunicaciones Colombia, OVH in France, and other cloud providers.
> 'Hacktivist' activity drives DDoS volumes to all-time high (opens in new tab)
> DDoS attacks soared to new highs in 2021 (opens in new tab)
> DDOS attacks: how to prevent and protect your business against them (opens in new tab)
According to recent data from Kaspersky, DDoS attacks have never more popular, with multiple records broken in the first quarter of 2022.
The uptick in attacks was fueled by the war in Ukraine, as many “hacktivists” took up arms to launch attacks against Russian service providers.
The cyber realm has become a true battlefield in these past couple of years, with nation-states stealing sensitive information and government secrets, spying on elected officials, deploying malware (opens in new tab) against critical infrastructure, and running ransomware operations to fund further cyberattacks.
- Keep your digital premises secure with the best antivirus products around (opens in new tab)