Here’s how security cameras drove the world’s biggest DDoS attack ever
The record for the biggest DDoS attack ever seen has been broken once again, with an absolute monster of distributed denial of service firepower managing to almost reach the not-so-magic 1Tbps mark.
Technically this was actually two concurrent attacks, although the majority of the traffic was concentrated in one, which is the largest ever recorded single blast of DDoS.
As the Register reported, Octave Klaba, the founder and CTO of OVH.com, the French hosting company which suffered the attack, said that the assault consisted of two simultaneous barrages of 799Gbps and 191Gbps, for a total of 990Gbps.
The previous largest DDoS was the recent 620Gbps effort that hit ‘Krebs On Security’, the website of security researcher Brian Krebs, which was driven by the same botnet of some 150,000+ compromised Internet of Things devices, routers, DVRs and security cameras responsible for this latest volley.
Krebs said he was hit in retaliation to an article posted on his blog, although it isn’t clear why OVH.com came under fire.
As Klaba said on Twitter, though, it’s hardly uncommon for his company to experience DDoS, and a tweet outlining the attacks suffered by the organisation over a period of four days this month showed 25 separate attacks which all exceeded 100Gbps (including the two mentioned here). Several others were simultaneous (or near-simultaneous) pairs of attacks, too.
He further noted that the botnet in question could potentially up its firepower by some 50% compared to the assault his company was hit by, tweeting: “This botnet with 145,607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS.”
Not only are DDoS attacks getting larger in size, but they are also becoming much more frequent according to a VeriSign report we saw back in the spring – this observed that the number of attacks had almost doubled in the final quarter of 2015, compared to the same period in the previous year.