Cloudflare claims to have stopped a distributed denial-of-service (DDoS) attack with a peak bandwidth of just under 2 terabits per second, making it one of the largest ever seen. The attack was started from about 15,000 bots running a variation of the original Mirai code on compromised Internet of Things (IoT) devices and unpatched GitLab instances.
- The story: The DDoS attack comes just two weeks after Rapid7 warned of a GitLab vulnerability that could be exploited to allow an attacker to remotely run code, such as botnet malware, on an affected server. Rapid7 discovered that at least half of the 60,000 internet-facing GitLab instances are still unpatched, and warned that as the bug’s information became public, “exploitation will rise.”
- Investigations: Cloudflare wasn’t mistaken; just one week later, the business claimed to have stopped the enormous DDoS onslaught. Cloudflare believes the attack was a multi-vector attack that included both DNS amplification and UDP floods, based on its investigation.
- The attack: The attack, which lasted less than a minute, was the greatest Cloudflare had seen to date, according to the company. It comes less than a month after Microsoft said that it had successfully handled a “record-breaking” 2.4 Tbps DDoS attack aimed at one of its Azure customers in Europe.
- Reports: “Another key finding from our Q3 DDoS Trends report was that network-layer DDoS attacks actually increased by 44% quarter-over-quarter,” said Omer Yoachimik, product manager at Cloudflare. “While the fourth quarter is not over yet, we have, again, seen multiple terabit-strong attacks that targeted Cloudflare customers.”
- Operations: Cloudflare, which operates a global network of 250 data centers, has announced its first foray into infrastructure services, R2, an upcoming cloud storage solution. The concept for moving into storage as a service came from the same source as other ideas that the company has converted into products, according to co-founder and CEO Matthew Prince.