Large-scale attacks designed to bring down internet services by sending them more traffic than they can process are getting bigger, with the largest so far, measured on 7.3 terabits per second, which are reported on Friday by internet security and performance provider Cloudflare.
The attack of 7.3 Tbps was 37.4 terabytes of junk traffic that achieved the target in just 45 seconds. That is an almost incomprehensible amount of data, equal to more than 9,300 HD films over the full length or 7,500 hours of HD streaming content in more than a minute.
Without distinction bombing
Cloudflare said that the attackers “bombarded carpet”, on average nearly 22,000 destination gates of a single IP address that belonged to the target, only identified as a CloudFlare customer. A total of 34,500 gates were targeted, indicating the thoroughness and the well -designed nature of the attack.
The vast majority of the attack was supplied in the form of User Datagram Protocol packages. Legitimate UDP-based transmissions are used in particularly sensitive communication, such as those for playing videos, gaming applications and DNS searches. It speeds up communication by not formally establishing a connection before data is transferred. In contrast to the more usual transmission control protocol, UDP does not wait for a connection between two computers that are established via a handshake and does not check whether data is correctly received by the other party. Instead, it immediately sends data from one machine to another.
UDP flood attacks send extremely high volumes packages to random or specific ports on the goal -IP. Such floods can saturate the internet connection of the target or overwhelm internal sources with more packages than they can.
Because UDP does not need a handshake, attackers can use it to flood a targeted server with traffic torrents without first getting the server's permission to start the transmission. UDP floods generally send large numbers of data trams to multiple ports on the target system. The target system, in turn, must return an equal number of data packages to indicate that the gates are not accessible. Ultimately, the target system nods under the voltage, so that legitimate traffic is refused.
