500Gbps DDoS attack flattens world record

Booter blasters belt businesses.

The world's largest distributed denial of service attack has been clocked at 500Gbps, according to Arbor Networks.

The attack was reported by a third party and is yet to be analysed, other than in terms of its size.

British teen Seth Nolan-McDonagh likely held the title for the previous largest DDoS, which came in at 300Gbps. He was arrested and ducked jail after he knocked Spamhaus off the internet.

The annual Arbor survey (PDF) gathered 354 responses from service providers, hosts and mobile service providers around the world in the 12 months to November last year.

"The largest attack reported by a respondent this year was 500Gbps, with other respondents reporting attacks of 450Gbps, 425Gbps, and 337Gbps," the report states.

"This continues the trend of significant growth in the top-end size of DDoS attacks year-over-year.

"Last year, we highlighted that 20 percent of respondents reported attacks over 50 Gbps … this year nearly one-quarter of respondents report peak attack sizes over 100 Gbps."

Five respondents said they detected DDoS attacks above 200Gbps with a large number reporting attacks over 100 Gbps.

Arbor Networks notes attacks against cloud-based services are rising, up by a third over the previous year.

Reflection and amplification attacks exploiting vulnerabilities in the Network Time Protocol (NTP) remain popular. Servers are continually being patched against the attack, which allows attackers to gain a large response to a small query and direct it at a target of their choosing.
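On the receiving end, reflected NTP traffic shows up as replies from UDP port 123 that the target never asked for. The sketch below is an added example, not code from Arbor or from this article; the flow-record layout, the thresholds and the sample addresses (documentation ranges) are assumptions made for illustration.

```python
from collections import defaultdict

NTP_PORT = 123

# Constructed flow records: (src_ip, src_port, dst_ip, dst_port, bytes).
# These are illustrative values, not data from the Arbor report.
FLOWS = [
    ("192.0.2.50", 51000, "198.51.100.1", 123, 76),   # our host asks for the time
    ("198.51.100.1", 123, "192.0.2.50", 51000, 76),   # solicited reply
    ("198.51.100.2", 123, "192.0.2.50", 80, 44000),   # reply our host never requested
    ("198.51.100.3", 123, "192.0.2.50", 80, 43500),
    ("198.51.100.4", 123, "192.0.2.50", 80, 46200),
    ("203.0.113.9", 443, "192.0.2.50", 52000, 1500),  # unrelated traffic
]

def unsolicited_ntp(flows):
    """Per destination host, total bytes and distinct senders of NTP replies
    that match no request the host itself sent to that server."""
    # (client, server) pairs for which a request towards port 123 was seen
    asked = {(src, dst) for src, _, dst, dport, _ in flows if dport == NTP_PORT}
    stats = defaultdict(lambda: {"bytes": 0, "reflectors": set()})
    for src, sport, dst, _, size in flows:
        if sport == NTP_PORT and (dst, src) not in asked:
            stats[dst]["bytes"] += size
            stats[dst]["reflectors"].add(src)
    return stats

def flag_victims(flows, min_bytes=100_000, min_reflectors=3):
    """Hosts receiving a large unsolicited NTP volume from several servers.
    Both thresholds are assumed values to be tuned per network."""
    return {
        host: (s["bytes"], len(s["reflectors"]))
        for host, s in unsolicited_ntp(flows).items()
        if s["bytes"] >= min_bytes and len(s["reflectors"]) >= min_reflectors
    }

if __name__ == "__main__":
    for host, (volume, servers) in flag_victims(FLOWS).items():
        print(f"{host}: {volume} unsolicited NTP bytes from {servers} servers")
```

Requiring several distinct senders keeps a single misbehaving time server from triggering the alert.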

"... the findings from this report underscore that technology is only part of the true story since security is a human endeavour and there are skilled adversaries on both sides," Arbor Networks security chief Darren Anstee says.

The network security outfit says DDoS attackers are more motivated by financial extortion than the hacktivism or vandalism prevalent in past years, launching more complex multi-vector simultaneous attacks against infrastructure, applications, and services.

Almost all respondents found application-layer DDoS attacks, mostly targeting DNS services rather than web servers.

Those DNS attacks caused customer outages in a third of cases compared to a quarter the previous year.

More than half of respondents said DDoS attacks saturated their internet connectivity, knocking over enterprise stateful and inline firewalls. Arbor says those devices are often the first victims of DDoS attacks and, being inline, actually add to network latency. ®


Biting the hand that feeds IT © 1998–2022