Cloudflare announced that a 26 million request per second DDoS attack was automatically detected and mitigated. It was the largest HTTPS DDoS attack ever recorded. The attack targeted a customer’s website which uses Cloudflare’s Free plan, similar to the previous 15 million RPS attack.
The largest HTTPS DDoS attack
The attack originated from cloud service providers, unlike residential internet service providers, which indicates that hijacked virtual machines and powerful servers were used to generate the attack, as opposed to weaker IoT devices.
The attack originated from a powerful botnet of 5,067 devices. Each node generated approximately 5,200 RPS at peak. Cloudflare also stated that the company has been tracking another larger but less powerful botnet of more than 730,000 devices. However, it wasn’t able to generate over one million requests per second with approximately 1.3 requests per second on average per device.
Cloudflare also stated that DDoS attacks using HTTPS are much more expensive in terms of required computational resources. Within less than 30 seconds, this botnet generated more than 212 million HTTPS requests from over 1,500 networks in 121 countries. The top countries in the attacks were Indonesia, the United States, Brazil, and Russia. Also, approximately 3% of attacks came through Tor nodes.