DDoS attacks keep growing in scale, with Cloudflare recently stopping what might be the biggest ever: a massive 37.5 terabytes of junk data hit a single IP in just 45 seconds. This staggering event highlights how intense these attacks have become and why companies like Cloudflare are crucial in defending the internet.
Back in May, Cloudflare revealed details about this monumental assault in a detailed blog post. The attack blasted a Cloudflare customer’s IP address with a UDP packet flood, targeting over 34,000 destination ports. Unlike the more common TCP, UDP packets don’t require handshakes or data checks, making them ideal for quickly overwhelming servers. The server was hit with 7.3 billion bits per second in this case, equating to nearly 38 terabytes during the brief attack.
Where did all this traffic come from? About 5,433 autonomous systems spread across 161 countries, with Brazil and Vietnam contributing roughly half of the traffic. Imagine cramming 260 copies of Baldur’s Gate 3 onto a single SSD in under a minute; that’s the scale here. Yikes, right?
Cloudflare’s chief security officer, Grant Bourzikas, told me last month they’ve seen a sharp rise in such attacks recently. Just weeks before this record, they stopped assaults peaking at 3.5, then 4.5, 5.5, and even 6.5 terabits per second. The trend is clear: these floods are getting bigger and more frequent.
Thankfully, Cloudflare’s network is designed to tackle these threats head-on. Their distinct approach means they stop attacks locally. If there’s an attack in Manchester, they block it there; in Paris, they handle it. This distributed defense stops attackers from overwhelming the network globally, which is key when dealing with traffic volumes like these.
Their infrastructure covers about 20% of all internet traffic, spread over 350 locations in 120 countries. So while some might grumble about another data center popping up nearby, it’s probably a good thing if it’s a Cloudflare facility. Because rest assured, the next record-breaking DDoS attack is coming, and these defenses will be the frontline.
Have you ever experienced a DDoS attack on your gaming or streaming services? What do you think about the escalating scale of these assaults?
