July 5, 2024 at 07:52AM
OVHcloud announced its mitigation of the largest ever packet rate DDoS attack, reaching 840 Mpps, revealing a surge in such attacks with over 100 Mpps. The attacks aim to disrupt infrastructure leading to an increase in bandwidth and resources. The company attributes the attacks to the misuse of MikroTik routers and the Mirai botnet.
Based on the meeting notes, the key takeaways are:
1. OVHcloud recently mitigated the largest ever distributed denial-of-service (DDoS) attack in terms of packet rate, peaking at around 840 Mpps.
2. There has been a sharp increase in packet rate DDoS attacks above the 100 Mpps threshold over the past six months, with the company observing a surge in such attacks.
3. The attack traffic primarily consisted of TCP ACK packets originating from roughly 5,000 IPs and involved the use of MikroTik routers, specifically the CCR1036-8G-2S+ and CCR1072-1G-8S+ device models.
4. The potential threat of a botnet being able to generate 2.28 billion packets per second (Gpps) by ensnaring close to 100,000 exposed CCR devices into it was highlighted.
5. Large network-layer attacks have become a frequent occurrence, with attacks over 1 Tbps being commonplace.
6. In October last year, the industry observed some of the largest Layer 7 DDoS attacks in history, exploiting the ‘HTTP/2 Rapid Reset’ zero-day vulnerability, with the largest peaking at 398 million requests per second (rps).
Please let me know if you need further details or additional information.