There has recently been a significant surge in Distributed Denial-of-Service (DDoS) assaults all around the world. A DDoS attack is a malicious attempt to interrupt regular traffic to a targeted server, service, or network by flooding the target or its surrounding infrastructure with excessive Internet traffic.
Cloudflare has reported that it neutralized a Distributed Denial-of-Service attack that leveraged about 15,000 compromised devices and peaked at just under 2 Tbps of bandwidth. The assault is believed to have come from a combination of Mirai-infected Internet of Things devices, which are frequently used to conduct enormous DDoS attacks, and unpatched versions of the GitLab developer tool.
The DDoS assault comes only a few weeks after Rapid7 announced a GitLab vulnerability on November 1, 2021, rated a full 10.0 on the CVSS severity scale, that could allow an attacker to run code remotely. Rapid7 warned that exploitation would likely increase as the problem became publicly known.
According to Cloudflare’s research, it was a multi-vector attack that combined DNS amplification with UDP floods. Cloudflare says the assault, which lasted just under a minute, was the biggest it has seen to date. While Cloudflare stopped the assault in seconds, it warns that it saw many terabit-strong DDoS strikes last month and that this is unlikely to change soon.
Moreover, Lumen Technologies has issued its third Quarterly DDoS Report. Lumen discovered that 34% of the 500 worst DDoS assaults in Q3 targeted the telecoms industry. Another 21% of events targeted software and technology organizations, while 12% targeted retail and distribution, 8% targeted hosting, and 7% targeted government agencies.
Lumen’s director of information security and threat intelligence, Mark Dehus, noted that there has been an increase in assaults against VoIP services in particular, employing a variety of tactics, and cautioned that such threats are growing more complicated.