This month, cyber security firm Cloudflare reported that it had mitigated a 26 million request-per-second distributed denial-of-service (DDoS) attack, one of the largest HTTPS DDoS attacks detected in recent history.

Cloudflare was able to determine that the threat actor likely used hijacked servers and virtual machines because the attack originated from cloud service providers, instead of from weaker Internet of Things devices through compromised residential ISPs.

Although the botnet was smaller in size compared to previous botnets used to commit attacks like these, it was significantly more powerful.  It was suspected that a botnet of roughly 5,067 devices was used, with each device generating roughly 5,200 requests per second at the highest rate.

Other botnets that contain hundreds of thousands of compromised devices have been considerably weaker than this one, generating fewer requests per second despite maintaining a considerably larger network of compromised devices. The larger botnet generated roughly 1.3 requests per second per device, while each device in the smaller botnet of virtualized machines generated vastly more requests.

To put it simply, although the other botnet was larger in scale, the smaller botnet was roughly 4000 times more powerful due to its use of virtual machines and servers.

How Botnets Play a Role in Denial-of-Service Attacks

A botnet is a large pool of devices, typically made up of compromised computers or other internet-based devices, which are directed by an actor to deliver requests or perform tasks together.  Hackers and other threat actors utilize botnets often to perform Denial-of-Service attacks like those mentioned above.

A Denial-of-Service attack is performed by overloading a target computer such as a server, a phone system, or another device that provides a service over the internet. The attack is typically carried out by a large group of computers in a network, usually called a botnet, which are directed to flood a target with requests. When a computer is overwhelmed with requests from other devices, it becomes unable to communicate with the rest of the internet and is effectively taken offline. Popular targets for Denial-of-Service attacks include web servers, application servers, voice servers, and other entities that typically provide a service for customers or businesses.

Another important aspect of DDoS attacks is that they typically rely on compromised devices, which creates two victims of these types of attacks: the device being used to send requests, and the target being hit with these requests. To ensure your computers and devices are not compromised and unwittingly being used in a botnet, it’s important to ensure your computer is not infected by malicious software or code.

Keeping your computer’s anti-virus as well as your OS up to date with the latest software is a good start in preventing your computer from being the next zombie serving in some hacker’s botnet. Natural Networks can also provide various services which can help ensure your devices and network remain secure and protected. By implementing next generation Anti-Virus such as SentinelOne and being backed by a Security Operations Center, we can help keep your devices secure.

If you’re interested in learning more about how Natural Networks can keep your business secure from threats like Denial-of-Service attacks, give us a call today!