Why should I care?

During the weekend of Feb. 11-12, 2023, content delivery network provider Cloudflare detected and mitigated an unusually high number of hyper-volumetric DDoS attacks. It did not disclose the targets but mentioned some of the attacked websites. These included a gaming provider, hosting providers, cloud computing platforms, and cryptocurrency companies.

The attack ranged between 50 to 70 million requests per second (RPS) and peaked at 71 million RPS. That is the largest reported HTTP DDoS attack, surpassing the 46 million RPS recorded in June 2022.

 

What Is a DDoS Attack?

Short for Distributed Denial-of-Service, this is a malicious attempt by a third party to disrupt a server or network by overwhelming it with internet traffic.

Perpetrators need multiple sources of traffic to achieve this. A common tactic is to infect several machines with malware. They exploit these systems to divert traffic to their target. Most users do not even realize their computer or smartphone is infected and used for this purpose.

The amount of traffic sent to a website can clog the network and make it unavailable to customers. Not only could this disrupt business operations, but it could also lead to a loss of revenue and angry customers.

 

Where the Attack Came From

Cloudflare detected that the traffic source was coming from several cloud providers. They worked together to stop the connection and prevent it from achieving its goal.

Damian Mensher, a security reliability engineer from Google, confirmed that Google Cloud was among those affected providers. He said, "Thanks Cloudflare for your partnership in getting the infrastructure dismantled."

Cloudflare does not believe that the attack was related to the recent health care website ransomware attacks or the Super Bowl.

 

How to Protect Against DDoS Attacks

Many organizations rely on their websites to connect with their customers. Whether it is gathering messages or taking orders, these are crucial parts of the operations. To prevent a DDoS attack, companies should:

1. Fortify network architecture
2. Reduce attack surface exposure by using a CDN
3. Have early detection systems in place
4. Understand warning signs
5. Have a comprehensive security solution

 

My perspective

Prevention is always better than cure. And with the rise of malicious attacks, cybersecurity is a smart investment for organizations.

 

"It is during our darkest moments
that we must focus to see the light." -Aristotle

 


By Denis Wilson

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Thanks for reading this post. I always take into mind that your time and attention are precious. And these posts need to be timely, to the point, and short. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, YouTube, and Facebook

I am also a published author and speaker on cloud computing, work-from-anywhere, and cybersecurity. I work extensively with business and professional associations to provide small business technology education programs.

 

Contact me if you have any questions about the subject.
I'd be happy to spend 15 minutes discussing it with you.