Cloudflare Reports Record-Breaking DDoS Attacks — How to Stay Protected

On February 13, Cloudflare, a website performance and security company, reported blocking dozens of large-scale DDoS attacks on websites under its protection. The company described the record-breaking series of attacks as “hyper-volumetric” – that’s cyberspeak for so big we don’t have a term for them yet. They came less than a fortnight after another DDoS attack campaign targeting healthcare websites. 

While Cloudflare states the two attack campaigns were unrelated, they signal an overall rise in the severity of DDoS attacks on business websites. This raises concerns for website owners across the board and marks a greater need to understand and combat DDoS attacks.

Using a VPN with strong encryption helps protect you against DDoS and other types of network attacks. Try CyberGhost VPN risk-free.

Cloudflare Blocks Record-Breaking Hyper-Volumetric DDoS Attacks

The attacks on Cloudflare’s client websites came from more than 30,000 IP addresses. On average, they sent between 50-70 million requests per second (rps) with the largest attack exceeding 71 million rps. 

Graph showing the spike in requests per second during attacks
Cloudflare’s report graph

These hyper-volumetric attacks were the largest on record to date – being 54% higher in volume than the previous high, which were recorded June, 2022. The June attacks were also record-breaking at the time at 46 million rps (requests per second).

Among the companies under attack were gaming providers, cryptocurrency companies, and hosting providers. Cloudflare also reports a general increase in cloud-based DDoS attacks, noting that launching DDoS attacks is now easier and more accessible to cybercriminals.

Unlike other types of malware attacks, DDoS attacks don’t require you to click on malicious links. Hackers only need to know the website’s IP address to flaunch a cyber assault. This makes it an attractive option since they don’t need to deal with the uncertainty of spear-phishing.

The number of low-level phishing attacks is also expected to rise dramatically as hackers use ChatGPT to write phishing emails and malware. Despite OpenAI having anti-abuse blocks, hackers in underground forums are selling bypasses for blocks.

The report also noted the “size, sophistication, and frequency of attacks” is increasing with Cloudflare’s latest statistic suggesting a 79% yearly increase in HTTP DDoS attacks. In 2022, we reported a 400% increase in all DDoS attacks from the year before.

What Are DDoS Attacks?

A distributed denial-of-service (DDoS) attack is when cybercriminals overwhelm the traffic of a network, server, or infrastructure. By flooding it with internet traffic, compromised systems and networks are disrupted. Threat actors can then infect them with malware and use them as sources of attack. 

Image showing how DDoS attacks work from the hacker, through a botnet, to the target.
With DDoS attacks, one malicious party can create a legion of attackers quite easily.

An infected device is sometimes called a “bot” or “zombie” since it responds to the cybercrook’s commands. A network of infected devices is called a botnet. When a server is attacked by a botnet, every single member of the botnet starts sending to that IP address. This overloads the server or network resulting in a denial-of-service, which usually suspends normal traffic.

How to Defend Against DDoS Attacks?

If you’re a business or website owner, you’ll likely want to know how to defend against DDoS attacks. The attacks can shatter businesses and render networks paralyzed ⁠— even if they’re well put together. Part of defending against DDoS attacks is knowing the tell-tale signs you might be under attack:

          • Unusually high volume of emails
          • Servers are slower than usual
          • Slow computer performance

Knowing you might be under attack from an early stage gives you time to respond and take anti-malware measures. 

To prevent attacks from occurring, it’s important to be aware of major vulnerabilities and have a strong security network in place. Part of that includes:

          • Having a strict firewall. A firewall is your first line of defense against attacks. It decides on whether to allow or block incoming and outgoing traffic. Stricter firewall rules will make it harder for cybercriminals to overload your network.
          • Botnet detection. Bot detection systems use various perception tests only humans could pass. Having them in place in your website infrastructure will make it harder for malicious parties to down your server with traffic. 
          • Running regular malware scans. If you catch an infection on time and combat it with a staunch anti-malware protocol, you may be able to weed out the virus before it gets out of control. Daily malware scans are a great idea for security conscious website owners.
          • Practice Digital Hygiene. Improve your general cyber hygiene to reduce the overall risk of attacks. 
          • Hiding your IP address. DDoS attacks can’t take place if cybercriminals don’t know your real IP address, so it’s a good idea to hide your IP address behind a VPN. Being consistent with using your VPN will stop your real IP address from being exposed. 

CyberGhost VPN uses bank-level encryption to protect your traffic. By connecting to our secure VPN servers, you keep your real IP address hidden. Get CyberGhost VPN to prevent DDoS attacks.

Leave a comment

Good day,
I have some questions concerning cyber security.
I. How do I know if my iOS device is on attack.
Ii. How do I block phishing into my network activities in my browser, WhatsApp and other apps.
Iii. How do I protect my iOS device from malware cyber infection.
IV. Is there any possibility to be able to block my MAC address and my IP address?. How?
Thanks in advance for your reply.
Ebai Richard


Write a comment

Your email address will not be published. Required fields are marked*