Is it a day ending in 'y'? Well then that makes it just about time for Cloudflare to announce it's mitigated yet another record-breaking DDoS attack—this time to the tune of 11.5 Tbps (that's terabits per second) at its peak. Might as well add 'hyper-volumetric DDoS attack' to my list of sleep paralysis nightmares.
Anyway, Cloudflare shared on X that the attack in question was specifically a UDP flood-style attack. Cloudflare have their own helpful explainer of what this style of attack entails, but another way to describe it would be to deploy another of my tried and true club metaphors.
So picture this: rather than rocking up to the club and pinning all of your hopes on one fake ID, you instead fling fistfuls of counterfeit credentials at the bouncer and, in the ensuing confusion, tear inside the club. Whatever you do in there takes the fine establishment out of commission for the rest of the night.
This specific attack attempted to overwhelm its target with 5.1 billion packets per second (that's a whole lot of 'fake IDs'). Cloudflare say it successfully mitigated the attack, which only lasted about 35 seconds in the end.
Originally, Cloudflare said it had traced the attack to somewhere within Google Cloud but a more complex picture has since emerged. In a recent update, Cloudflare posted that the attack came from a number of cloud service providers as well as internet of things type devices. The company clarified, "While Google Cloud was one source, it was not the majority."
Cloudflare says that a more in-depth breakdown of this doozy of a DDoS attack will feature in its next report—and I, for one, cannot wait to get into all of the metaphorical club gossip. Especially as this recent attack makes the previous record breaker—an attack Nick helpfully described as comparable to "over 260 copies of Baldur's Gate 3 in less than a minute"—seem like a downright forgettable drop of tea.
Besides mitigating massive DDoS attacks, Cloudflare has also been in the news for its Pay Per Crawl scheme. Rather than AI crawlers hoovering up your website data completely unfettered, Cloudflare now automatically blocks the bots, with the Pay Per Crawl scheme allowing creators to 'opt in' and get paid.
Considering figures from last year suggested that bots account for half of global web traffic, charging AI companies for the privilege of slurping up 'training data' is hardly an unpopular idea. However, not everyone wanted to play by Cloudflare's rules, resulting in a post calling out AI search engine company Perplexity for "using stealth, undeclared crawlers to evade website no-crawl directives." Perplexity clapped back by calling the company "more flair than cloud." Might want to go back to the drawing board on that one…
1. Best overall:
HP Omen 35L
2. Best budget:
Lenovo Legion Tower 5i
3. Best high-end:
Corsair Vengeance A7500
4. Best compact:
Velocity Micro Raptor ES40
5. Alienware:
Alienware Area-51
6. Best mini PC:
Minisforum AtomMan G7 PT
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
