I’ve written here before about the sheer pace at which Cloudflare’s tech team delivers high-impact features like worker tasks at the edge, Early Hints to speed up Websites automatically, and globally distributed low latency storage (R2). Equally impressive is how quickly they put down massive Denial of Service (DDOS) attacks co-ordinated by bad actors.
"Earlier this week, Cloudflare automatically detected and mitigated a DDoS attack that peaked just below 2 Terabits per second — the largest we’ve seen to date. This was a multi-vector attack combining DNS amplification attacks and UDP floods. The entire attack lasted just one minute. The attack was launched from approximately 15,000 bots running a variant of the original Mirai code on IoT devices and unpatched GitLab instances.
Once the attack traffic was detected (within sub-seconds), our systems generated a real-time signature that surgically matched against the attack patterns to mitigate the attack without impacting legitimate traffic."
Note: 1 Terabit/sec = 1,000 Gigabits/sec