CloudFlare was the subject of the world’s largest to date distributed-denial-of-service (DDOS) attack. This attack used over 400 Gbps to make the CloudFlare service inaccessible and not usable for a period of time.
The attackers took advantage of a flaw in the Network-Time Protocol (NTP), which is used to sync computer clocks over a network.
“Very big NTP reflection attack hitting us right now. Appears to be bigger than the #Spamhaus attack from last year. Mitigating,” Cloudflare CEO Matthew Price said in a tweet. “Someone’s got a big, new cannon. Start of ugly things to come,” he wrote in a follow-up tweet.
The attackers started by looking for vulnerable NTP server online which may have been done using a tool similar to Shodanhq.com’s search engine for devices attached to the Internet.
This attack is made possible due to being able to send large amounts of data that would look legitimate to the server from newly found tools that make DDOS’ing easier than ever.
These new tools such as DNS Flooder can send traffic so rapidly that it is comparable to 50 times the speed of the originating bandwidth. Also these new tools and techniques allow attackers to be able to purchase DNS servers to help amplify the attack further.
This last DDOS attack surpassed the previous record holder held by SPAMHAUS at 300 Gbps, a record that has held since last March.
(Image Source: iCLIPART)