Saturday, September 7, 2024
Homecyber securityRecord Breaking DDoS Attack 419 TB of Malicious Traffic Within 24-Hours

Record Breaking DDoS Attack 419 TB of Malicious Traffic Within 24-Hours

Published on

A record-breaking Distributed Denial of Service (DDoS) attack unleashed 419 terabytes of malicious traffic over 24 hours.

This unprecedented event, which began at 8:05 UTC on July 15, 2024, targeted a financial services company in Israel, showcasing the evolving threat landscape of cyber warfare.

A Sustained Assault

The attack commenced with a small probing attempt, quickly escalating into a full-scale assault lasting nearly a day.

- Advertisement - EHA

Unlike typical DDoS attacks, which are often short-lived, this campaign sustained its intensity for hours, peaking at traffic levels between 300 and 798 gigabits per second (Gbps).

Although not the largest in peak traffic, it ranks as the sixth-largest attack ever mitigated by Akamai’s Prolexic platform.

How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide

Traffic Flow During the Main Attack Window

The attackers employed various techniques, including UDP flood, UDP fragmentation, DNS reflection, and PSH+ACK attacks.

This multi-vector approach indicates a sophisticated adversary capable of orchestrating complex cyber operations.

The Global Botnet Behind the Attack

The DDoS attack originated from a globally distributed botnet, targeting more than 278 IP addresses simultaneously.

This horizontal Layer 3 and Layer 4 attack was part of a larger wave of assaults on financial institutions in Israel, suggesting a deliberate and coordinated campaign.

Distinct IP Addresses Targeted

The aggressor’s ability to sustain such a high-volume attack for an extended period marks them as a significant threat.

Cybersecurity experts are concerned about their potential to launch similar or even more potent attacks on other targets worldwide.

The Impact on Israel

According to Akamai’s threat intelligence, Israel has experienced an unprecedented number of DDoS attacks in 2024, with the financial services sector being a primary target. This cyberattack surge coincides with ongoing regional conflicts, further complicating the geopolitical landscape.

Despite the severity of the attack, Akamai’s Prolexic platform successfully mitigated the threat, preventing sustained downtime for the targeted financial institution.

This success underscores the importance of robust cybersecurity measures in defending against modern DDoS attacks.

Organizations relying solely on on-premises DDoS defense systems without cloud backup are at higher risk. Shared DDoS defense resources in multi-tenant environments may also be insufficient to withstand similar attacks.

Strengthening Cyber Defenses

To mitigate future risks, businesses are advised to:

  1. Conduct thorough risk assessments of existing DDoS mitigation services.
  2. Implement always-on DDoS security controls.
  3. Extend security postures with edge-based network cloud firewalls.
  4. Protect DNS infrastructure from DNS-focused attacks.
  5. Develop comprehensive incident response plans.
Quarterly DDoS Attack Events by Region

The July 15 DDoS attack is a stark reminder of the evolving nature of cyber threats. As attackers grow more sophisticated, the need for advanced cybersecurity measures becomes increasingly critical.

Organizations worldwide must remain vigilant and proactive in strengthening their defenses to protect against the growing menace of DDoS attacks.

Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...

NoiseAttack is a Novel Backdoor That Uses Power Spectral Density For Evasion

NoiseAttack is a new method of secretly attacking deep learning models. It uses triggers...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...