I just want to share an unbelievable story that happened online. A company in Europe that protects against DDoS attacks was itself hit by an attack of 1.5 billion packets per second! Yes, that’s billion.
What actually happened?
- The hackers were performing a UDP flood attack. This basically means that they created a ton of fake traffic that didn’t need replies and made many servers very busy.
- The attack utilized thousands of hacked smart devices and routers. We are talking about everyday devices like security cameras and home devices.
- In total, the traffic came from over 11,000 different networks globally.
- Thankfully, a company called FastNetMon detected the attack very quickly and got to work.
How did they stop an attack like this?
The defenders didn’t sit back; they fought back hard:
- They used a scrubbing system that filtered out the bad traffic while letting the good traffic, including real user requests, through.
- They created access control lists (ACLs) on their routers to block traffic from sources that were commonly used to carry out attacks.
- They used rate limits and traffic checks to separate fake traffic from legitimate traffic.
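As an added example (not FastNetMon's code and not taken from the incident), here is a sketch of the kind of traffic check described above: it flags a destination by packets per second rather than bandwidth, requires the traffic to be mostly UDP from many source networks, and lists the busiest source /24s as ACL candidates. The thresholds, the flow-record tuple layout and the sample IPv4 addresses are assumptions constructed for illustration.

```python
from collections import defaultdict
from ipaddress import ip_network

# Assumed thresholds for illustration; tune them to the link being protected.
PPS_LIMIT = 100_000       # packets per second toward one destination
UDP_SHARE_LIMIT = 0.9     # fraction of those packets that must be UDP
MIN_SOURCE_NETS = 50      # distinct source /24s before it counts as distributed

def detect_udp_floods(flows, window_s):
    """flows: (src_ip, dst_ip, proto, packets, bytes) records seen in window_s seconds.
    Returns {dst_ip: report} for destinations that look like a UDP packet flood."""
    stats = defaultdict(lambda: {"pkts": 0, "udp": 0, "bytes": 0,
                                 "nets": defaultdict(int)})
    for src, dst, proto, pkts, nbytes in flows:
        s = stats[dst]
        s["pkts"] += pkts
        s["bytes"] += nbytes
        if proto == "udp":
            s["udp"] += pkts
            # Group UDP sources by /24 so one ACL entry covers a whole network.
            s["nets"][ip_network(f"{src}/24", strict=False)] += pkts
    alerts = {}
    for dst, s in stats.items():
        if s["pkts"] == 0:
            continue
        pps = s["pkts"] / window_s
        udp_share = s["udp"] / s["pkts"]
        if (pps >= PPS_LIMIT and udp_share >= UDP_SHARE_LIMIT
                and len(s["nets"]) >= MIN_SOURCE_NETS):
            top = sorted(s["nets"].items(), key=lambda kv: kv[1], reverse=True)[:5]
            alerts[dst] = {
                "pps": pps,
                "mbps": s["bytes"] * 8 / window_s / 1e6,
                "source_nets": len(s["nets"]),
                "acl_candidates": [str(net) for net, _ in top],
            }
    return alerts

def sample_flows():
    """Constructed sample: 200 source /24s send 64-byte UDP packets to one host,
    alongside a little ordinary TCP traffic."""
    flows = [(f"198.18.{i}.7", "203.0.113.10", "udp", 6000 + i, (6000 + i) * 64)
             for i in range(200)]
    flows.append(("192.0.2.44", "203.0.113.20", "tcp", 9000, 9000 * 1200))
    flows.append(("192.0.2.45", "203.0.113.10", "tcp", 500, 500 * 1200))
    return flows

if __name__ == "__main__":
    for dst, report in detect_udp_floods(sample_flows(), window_s=10).items():
        print(dst, report)
```

On the constructed sample the flagged host receives over 120,000 packets per second while the bandwidth stays near 63 Mbps, which is why a bandwidth-only alarm would miss this kind of flood.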
Reasons why this matters
Have you stopped to think about how your smart devices could be weaponized against someone else? That's exactly what happened here. When IoT devices, such as smart TVs, cameras or routers, are compromised, they can be enlisted in a botnet and used to launch attacks.
What makes this concerning is that this attack was one of the largest packet-per-second flooding attacks ever reported. While it may not have broken total data size records, it certainly shattered packet-rate records.
The founder of FastNetMon said we can't wait and clean up after attacks happen; ISPs need to mitigate this junk traffic at the source before it gets too big to tackle.
My thoughts on it
Honestly, these attacks keep growing larger and larger. A couple of years ago, 100 million packets per second felt huge. Now, that seems tiny compared to 1.5 billion.
If I were running the network today, here is what I would do.
- Make sure all smart devices are updated and secure.
- Work with ISPs willing to block attacks early.
- Continue to monitor for abnormal traffic patterns in order to prevent issues before they become planted.