March 6, 2018 by

1.7Tbps: Internet Registers its Biggest DDoS Attack Ever

A distributed denial of service (DDoS) attack mitigatory and network security company has confirmed a new record-breaking DDoS attack, clocking a bandwidth of 1.7 terabytes per second.

Arbor networks has confirmed a 1.7Tbps DDoS attack targeted at a customer of a US-based DDoS provider. The attack stems from a new technique that abuses scantily secured servers to trigger the era of terabit-sized DDoS attacks.

Memcached, a database caching system used by websites and networks to speed up their load-times and pages, is now being abused by DDoS criminals to amplify their cyberattacks by up to 50,000x. In theory, a single home PC with a 100 Mb/s upload from its ISP is capable of inundating a target with a massive 5 terabits per second.

The 1.7tbps DDoS attack, which relies on the Memcached amplification method, is now officially the largest reported DDoS attack on record. Still, the customer and the ISP claim they weren’t disrupted.

Abor vice president of global sales engineering and operations Carlos Morales said:

It’s a testament to the defense capabilities that this service provider had in place to defend against an attack of this nature that no outages were reported because of this.

This particular attack comes merely a week after code repository GitHub was taken down in what was then the world’s largest DDoS attack using the same technique at a massive 1.3Tbps. GitHub was knocked offline for at least 10 minutes at the time.

“While the internet community is coming together to shut down access to the many open memcached servers out there, the sheer number of servers running memcached openly will make this a lasting vulnerability that attackers will exploit,” Morales added.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

DDoS Attack Takes Down UK National Lottery Website

The UK National Lottery’s website and its associated mobile applications were knocked offline by...

Read more arrow_forward

DDoS Attacks Double with Corporate Data Under Threat

DDoS attacks are on the rise in 2017 with a third of all organizations facing at least one DDoS...

Read more arrow_forward

Lisa Bock on A New Twist on Ransomware - Internal DDoS

Lisa Bock is an associate professor of information technology at Pennsylvania College of Technology...

Read more arrow_forward