Cloudflare, a company that deals with cybersecurity infrastructure and services, reported earlier today that it had to face the largest distributed denial of service (DDoS) attack ever recorded. During this attack, Cloudflare states that it was hit with a colossal 17.2 million HTTP requests per second (rps).
The company is pretty pleased with itself though, as it says it was able to mitigate this massive onslaught thanks to its autonomous edge DDoS protection which is powered by its in-house denial of service daemon (dosd).
To give us a scale of the attack, Cloudflare says that the number of HTTP requests it was hit with during the DDoS is about 68% of its average legitimate requests per second for Q2, the latter being 25 million rps.
While this DDoS attack appears to have originated from several places from all around the world, it seems the vast majority was concentrated from Indonesia (~15%), India, Brazil, Vietnam, and such. You can see the attack source sorted by countries in the graphic below:
Cloudflare believes that the botnet which caused this HTTP flood is the same as the one that had led to another DDoS attack last week. This previous attack wasn't as powerful as this one though, but it wasn't something insignificant either. According to Cloudflare's data, the previous hit peaked at just under 8 million rps.
While we aren't sure who is behind the attacks, the company notes that recently, there is a resurgence of the infamous Mirai botnet attacks. The Mirai botnet isn't new and is responsible for causing some of the largest DDoS attacks ever, so it is obviously among the usual suspects.
You can find more technical details in the official blog here.