HTTP DDoS

Being a USA-based web infrastructure and website security company, Cloudflare works for other companies managing connections to servers and web pages. Recently, Cloudflare has claimed that it has mitigated one of the largest DDoS attacks in history that involve more than 17.2 million Request-Per-Second (rps).

Cloudflare works very efficiently, soon after detecting this large HTTP DDoS attack, it manages to mitigate exactly what has happened in this attack. 

According to the report of Cloudflare, this HTTP DDoS attack took place last month and it had targeted one of Cloudflare’s financial customers.

There was an unknown threat actor that used a botnet of 28,000 infected devices to forward the HTTP requests to the client’s network.

Automated DDoS mitigation with autonomous edge

This largest HTTP DDoS attack was automatically identified as well as mitigated by the self-sufficient DDoS protection systems of Cloudflare. There is no doubt that Cloudflare has a system that is quite powerful as it has its own denial of service daemon (dosd). 

Cloudflare is a versatile security company, and it has a DOSD service that is a home-grown software and it is generally determined as a daemon. 

There are many interesting facts about this system, however, a unique DOSD case operates in every server and in every data centers around the world. 

The main work of the DOSD service is to analyzes traffic samples that come across the operation. Traffic is quite essential to record, that’s why analyzing traffic out-of-path enables to scan asynchronously for DDoS attacks without creating latency and affecting the execution. 

Revival of Mirai and new powerful botnets

This HTTP DDoS attack was initiated with a very powerful botnet, and in seconds, the botnet attacked the Cloudflare edge security system with nearly 330 million attack requests.

The experts of Cloudflare, pronounced a brief note regarding this attack, as to affirm that the traffic of this attack has dawned from more than 20,000 bots in 125 countries all over the world.

Moreover, the bots clearly asserted that 15% of the attack has been initiated from Indonesia and 17% from India and Brazil. Not only this but the experts also claimed that the attack also indicates that in those countries there might be several malware devices that are affected by this attack.

How to protect?

After detecting this huge attack, the security analysts of Cloudflare has declared that how the customers can protect themselves from this kind of attack, and that’s why we have listed the points below:-

  • Initially to protect the Internet properties, onboard to Cloudflare.
  • The analyst said that DoS is permitted, thus the customers can also customize the security settings.
  • To keep yourself safe, ask your upstream Internet Service Provider (ISP) to implement an access control list (ACL), in case you don’t then the threat actor might target your servers’ IP addresses immediately.
  • Moreover, customers can also change the default username as well as the password of any device that is attached to the Internet. Doing this will help to reduce the risk of the attack.
  • The customers need to protect their homes against malware with “Cloudflare for Families,” as it is a free service that blocks the traffic from your home to malicious websites as well as malware communication.

Apart from all this, Cloudflare is continuously tracking the growth of this botnet, as it resembles to be a transformed version of the well-known IoT malware Mirai.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates

Leave a Reply