In The News (DDoS)
School: Community College of Allegheny County
Course: 310
Subject: Information Systems
Date: Jan 9, 2024
Emie Denes
Cit-182-z02
Matthew Kisow
Cloudflare Blocks DDoS Attack
Cloudflare is a security company providing cloud cybersecurity, DDoS mitigation, domain registration services, and content delivery network services. This year in early February, Cloudflare detected more than a dozen DDoS attacks, the largest exceeding 71 million requests per second (rps). This breaks the previous record for the largest DDoS attack by 35%. The attacks were HTTP/2-based and targeted websites protected by Cloudflare, which included a gaming provider, cryptocurrency companies, and cloud computing platforms. They tied the attack to the hacktivist group Killnet. Killnet is an infamous Russian hacktivist group whose goal is to take down websites of organizations it accuses of siding with Ukraine over Russia in the war. Its most common victims are healthcare and government organizations. Cloudflare users were warned they may experience lagging and eventual downtime during the attacks. Industry leaders then warned that Killnet was already working on a second attack a few days later. Since 2017, Cloudflare has been providing free DDoS mitigation services and has now been working with the victims of this February attack, offering a free botnet threat feed. This will “share threat intelligence from their IP and any ongoing attacks originating from their hosted autonomous system.” (Davis, 2023) The company stresses how important it is for networks and servers to implement detection and mitigation bots, saying “while attacks may be initiated by humans, they are executed by bots - and to play to win, you must fight bots with bots.” (Davis, 2023) Relying on humans to mitigate these attacks in real time puts defenders at a disadvantage.
Cloudflare’s website describes how its HTTP DDoS attack protection managed ruleset works. It is a set of pre-configured, regularly updated rules that match known DDoS attack vectors at the application layer. “The rules match known attack patterns and tools, suspicious patterns, protocol violations, requests causing large amounts of origin errors, excessive traffic hitting the origin/cache, and additional attack vectors at the application layer.” (Cloudflare, 2023) Though it is always enabled, users can customize its behavior to match their needs, such as adjusting the DDoS protection setting to avoid false positives when large spikes of legitimate traffic are expected. This prevents legitimate traffic from being falsely identified as an attack, which would block real users from accessing the site or application. This service is free for all Cloudflare customers, but the number of rules that can be overridden depends on which plan they choose.
Citations
Davis, J. (2023, February 14). Cloudflare blocked largest reported DDoS attack at 71M requests per second. SC Media. Retrieved September 12, 2023, from https://www.scmagazine.com/news/cloudflare-blocked-largest-reported-ddos-attack-at-71m-requests-per-second
N/A (2023, June). HTTP DDoS Attack Protection managed ruleset. Cloudflare. Retrieved September 12, 2023, from https://developers.cloudflare.com/ddos-protection/managed-rulesets/http/