During a record-breaking distributed denial of service (DDoS) assault last week, web performance company Cloudflare claims it was able to stop 26 million requests per second (rps). A minuscule botnet of 5,067 machines was responsible for the attack.
According to Cloudflare, the source of this assault was not hacked low-bandwidth Internet of Things devices, but rather cloud service providers.
There is a good chance that the attackers used high-bandwidth virtual computers and servers, according to the business.
Similar to a DDoS attempt it thwarted in April, this attack was carried out through HTTPS, the secure version of the web. DDoS assaults based on encrypted TLS connections across the internet are more costly for both attackers and victims, according to a company that describes this phenomenon in greater detail. Cloudflare is a service that gives SSL/TLS certificates to website owners, among other things.
Cloudflare’s free plan, which includes DDoS protection, a content delivery network, and an SSL certificate, was the focus of the assault. It took less than two minutes for Cloudflare’s graph to show that the assault had reached its height and then faded within 10 seconds.
A Cloudflare product manager explains in a blog pos[1]t that “we’ve seen extremely big assaults in the past over (unencrypted) HTTP, but this attack stands out because of the resources it needed at its magnitude.”
There were 5,067 nodes in this “small but strong” botnet, with an average rps of 5,200 per node. Over 1,500 networks in 120 countries sent 212 million HTTPS queries within 30 seconds. Compared to another botnet Cloudflare monitors, which has over 730,000 devices and produces an average of 1.3 RPS per device, this one was significantly more potent.
Virtual computers and servers made this botnet an average of 4,000 times more powerful than other botnets, according to Cloudflare.
The attack began in Indonesia, the United States, Brazil, and Russia.
DDoS assaults have broken several records in the last two years. A 2.3 terabit per second (Tbps) assault, measured in HTTP/S packets per second rather than HTTP/S requests per second, was successfully handled by Amazon in June 2020. This DDoS attack took use of the CLDAP protocol (Connection-less Lightweight Directory Access Protocol). User Datagram Protocol (UDP) was employed in a “mirror attack” by Microsoft in January, according to the company’s announcement. According to Microsoft, many of the DDOS assaults are the consequence of heated competition between players of popular online games.
In July 2021, a DDoS assault on a Cloudflare client peaked at 17.2 million rps, making it the second greatest attack to date.

Subtly charming pop culture geek. Amateur analyst. Freelance tv buff. Coffee lover