The majority of the onslaught was executed through User Datagram Protocol (UDP) packets, typically utilized for time-sensitive operations such as video playback, gaming, and DNS lookups. Diverging from the more customary Transmission Control Protocol, UDP dispenses with the need to establish a connection prior to transmitting data, opting instead to direct the data instantaneously.
Consequently, during a UDP flood, the targeted system sends back an abundance of data packets signifying that the ports are inaccessible, eventually culminating in an overload that obstructs any legitimate traffic from passing through.
The rising tide of online attacks continues to swell with each passing day. The most recent onslaught reached a staggering 7.3 terabits per second – a colossal deluge of data, equivalent to over 9,300 full-length HD movies or 7,500 hours of HD streaming content. Picture it, all in a mere 45 seconds!
These UDP flood attacks function by inundating the target IP with an excessive quantity of packets, directed at random or specific ports, to overwhelm the target’s Internet connection or internal resources. Exploiting the fact that UDP does not require a handshake, attackers have the ability to swamp a server without authorization, rendering it incapable of managing the onslaught of traffic.
Cloudflare, renowned for its prowess in Internet security and performance, disclosed that the assailants unleashed a relentless assault by bombarding the target with 37.4 terabytes of junk traffic, saturating nearly 22,000 destination ports of a single IP address with a “carpet bombing” tactic. In total, a staggering 34,500 ports were targeted, a testament to the meticulous planning and thoroughness of the attack.
