In a recent incident, a European DDoS protection provider experienced an unprecedented attack that peaked at 1.5 billion packets per second. The flood of traffic originated from thousands of infected IoT devices and MikroTik routers that attackers had turned into a distributed botnet. Fortunately, the attack was identified and stopped in real time thanks to the FastNetMon monitoring system, which used filtering mechanisms at the router level and available traffic scrubbing products. FastNetMon clarified that the attack was a massive UDP flood from over 11 thousand networks worldwide.
To combat such attacks, access control lists on border routers and specialized scrubbing centers were used to analyze packets and limit their rate, together with heuristic methods for detecting anomalies. While the identity of the targeted client remains undisclosed, it is known that the attack was directed at a DDoS filtering service specifically designed to counter such attacks.
This attack was notable for the breadth of its sources and for the use of household network equipment as weapons. It is not an isolated case: a week earlier, Cloudflare reported the largest volumetric attack by per-second volume. In both instances, the attackers aimed to overload data processing resources, potentially disrupting essential services.
Pavel Odintsov, the founder of FastNetMon, has warned that this trend poses a threat to the stability of the global Internet. He emphasized that combating such attacks requires intervention at the level of Internet providers, urging them to implement mechanisms for filtering outgoing traffic before it reaches a critical scale. Without these preventative measures, Odintsov cautioned, users infected en masse could be transformed into a destructive weapon capable of causing widespread damage on a global scale.
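
The outgoing-traffic check Odintsov calls for, sketched as an added example that is not from the article or from FastNetMon: an ISP-side heuristic that flags subscribers whose outbound UDP packet rate exceeds an absolute limit or jumps far above their own baseline. The flow record fields, thresholds and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumed values for illustration; tune against real subscriber traffic.
WINDOW_S = 10      # seconds covered by one batch of flow records
ABS_PPS = 5_000    # outbound UDP pps that is flagged regardless of history
FACTOR = 20        # flag when pps exceeds FACTOR x the subscriber's baseline
MIN_PPS = 200      # ignore relative spikes below this rate
ALPHA = 0.2        # EWMA weight of the newest window in the baseline

def detect(windows):
    """Return (window, subscriber, top_dst, pps, reason) for suspicious egress."""
    baseline, alerts = {}, []
    for i, flows in enumerate(windows):
        per_dst = defaultdict(int)
        for f in flows:
            if f["proto"] == "udp":  # only UDP counts toward the flood check
                per_dst[(f["src"], f["dst"])] += f["packets"]
        total, top = defaultdict(float), {}
        for (src, dst), pkts in per_dst.items():
            pps = pkts / WINDOW_S
            total[src] += pps
            if pps > top.get(src, ("", 0.0))[1]:
                top[src] = (dst, pps)  # remember the busiest destination
        for src, pps in total.items():
            base = baseline.get(src)
            if pps > ABS_PPS:
                reason = "absolute"
            elif base is not None and pps > max(MIN_PPS, FACTOR * base):
                reason = "baseline"
            else:
                # Learn only from unflagged windows so a flood cannot raise its own baseline.
                baseline[src] = pps if base is None else (1 - ALPHA) * base + ALPHA * pps
                continue
            alerts.append((i, src, top[src][0], pps, reason))
    return alerts

def flow(src, dst, proto, packets):
    return {"src": src, "dst": dst, "proto": proto, "packets": packets}

# Constructed sample: four 10-second windows, two subscribers, documentation addresses.
SAMPLE = [
    [flow("10.0.0.5", "198.51.100.10", "udp", 500), flow("10.0.0.9", "198.51.100.20", "udp", 300),
     flow("10.0.0.9", "198.51.100.20", "tcp", 100_000)],
    [flow("10.0.0.5", "198.51.100.10", "udp", 600), flow("10.0.0.9", "198.51.100.20", "udp", 400)],
    [flow("10.0.0.5", "198.51.100.10", "udp", 550), flow("10.0.0.9", "203.0.113.50", "udp", 90_000)],
    [flow("10.0.0.5", "203.0.113.50", "udp", 30_000), flow("10.0.0.9", "198.51.100.20", "udp", 350)],
]

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

Flagged subscribers are candidates for rate limiting or an egress ACL at the provider edge; the second alert shows a rate below the absolute limit still being caught against the subscriber's own history.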