Cloudflare announced that its systems automatically detected and mitigated a 15.3 rps HTTPS DDoS attack. The company stated that it is the largest HTTPS DDoS attack, which is more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection. Therefore it costs the attacker more to launch the attack, and for the victim to mitigate it.
6,000 unique bots
6,000 unique bots from 112 countries from 1,300 different networks.
Cloudflare stated that the attack, lasting less than 15 seconds, targeted a Cloudflare customer on the Professional plan. The attack was launched by a botnet that Cloudflare has been observing. The attack mostly came from data centers, which is unusual. Cloudflare stated that they are seeing a big move from residential network Internet Service Providers to cloud compute ISPs.
This attack was launched from a botnet of approximately 6,000 unique bots. It originated from 112 countries around the world. Almost 15% of the attack traffic originated from Indonesia, followed by Russia, Brazil, India, Colombia, and the United States. The attack originated from over 1,300 different networks.