Cloudflare, a leading web infrastructure and security company, has successfully mitigated what is now regarded as the largest DDoS attack (distributed denial-of-service) on record.
This attack, which peaked at 3.8 terabits per second (Tbps), occurred in September 2024 and lasted for 65 seconds.
This staggering event surpasses the previous record of 3.47 Tbps from November 2021, which targeted an unnamed Microsoft Azure customer in Asia. The primary targets of the September 2024 attacks were companies in the financial, internet, and telecommunication sectors.
The attack leveraged compromised devices such as MikroTik routers, DVRs, and web servers from countries including Vietnam, Russia, Brazil, Spain, and the U.S.
These devices were infected by a botnet exploiting a critical vulnerability (CVE-2024-3080) in ASUS home routers. Cloudflare’s ability to thwart this attack was rooted in its advanced capacity to inspect and filter malicious traffic, preventing systems from becoming overwhelmed.
What is a DDoS Attack?
A Distributed Denial-of-Service (DDoS) attack is a cybercrime in which the attacker floods a server with massive amounts of internet traffic, often through networks of compromised devices called botnets.
The objective is to overwhelm the targeted systems—servers, services, or networks—rendering them inaccessible to legitimate users.
This kind of attack typically disrupts the normal functioning of online services, causing outages and slowing down network operations.
DDoS attacks can target different layers of the internet infrastructure, using techniques such as volumetric attacks or application-layer attacks, and may act as a smokescreen for other cyber activities such as data theft.
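The two attack classes named above look different to a defender: a volumetric flood shows up as a sudden jump in aggregate bits per second arriving from a large number of distinct sources, while an application-layer flood shows up as an excessive request rate from individual clients. The following toy detector, added here as an illustration and not code from Cloudflare or from the article, runs both checks over constructed flow records and access-log lines; the record formats, thresholds and IP addresses are all assumptions chosen for the example.

```python
"""Toy detection logic for the two DDoS classes discussed above.
All record formats and sample data are constructed for this example."""
from collections import defaultdict
from typing import Dict, Iterable, List, Set, Tuple

# ---- Volumetric (layer 3/4): aggregate bits per second -------------------

def parse_flow_line(line: str) -> Tuple[int, str, int]:
    """Parse a constructed flow record: '<epoch_sec> <src_ip> <bytes>'."""
    ts, src, nbytes = line.split()
    return int(ts), src, int(nbytes)

def aggregate_per_second(flows: Iterable[Tuple[int, str, int]]) -> Dict[int, Tuple[int, Set[str]]]:
    """Return {second: (total_bytes, set_of_distinct_source_ips)}."""
    total: Dict[int, int] = defaultdict(int)
    sources: Dict[int, Set[str]] = defaultdict(set)
    for ts, src, nbytes in flows:
        total[ts] += nbytes
        sources[ts].add(src)
    return {ts: (total[ts], sources[ts]) for ts in total}

def estimate_baseline_bps(flows: List[Tuple[int, str, int]], training_seconds: int) -> float:
    """Mean bits/second over the first `training_seconds` seconds of data."""
    per_sec = aggregate_per_second(flows)
    first = sorted(per_sec)[:training_seconds]
    return sum(per_sec[ts][0] * 8 for ts in first) / len(first)

def detect_volumetric_flood(flows: List[Tuple[int, str, int]], baseline_bps: float,
                            multiplier: float = 10.0, min_sources: int = 50) -> List[Tuple[int, int, int]]:
    """Flag each second whose traffic is >= multiplier x baseline AND comes from
    at least min_sources distinct IPs (the 'distributed' part of DDoS)."""
    alerts = []
    for ts, (nbytes, srcs) in sorted(aggregate_per_second(flows).items()):
        bps = nbytes * 8
        if bps >= multiplier * baseline_bps and len(srcs) >= min_sources:
            alerts.append((ts, bps, len(srcs)))
    return alerts

# ---- Application layer (layer 7): requests per client per window ---------

def parse_access_line(line: str) -> Tuple[str, int]:
    """Parse a constructed access-log line: '<client_ip> <epoch_sec> <method> <path>'."""
    client, ts, _method, _path = line.split(maxsplit=3)
    return client, int(ts)

def detect_request_flood(entries: Iterable[Tuple[str, int]], window_sec: int = 10,
                         max_requests: int = 100) -> Dict[str, int]:
    """Return {client_ip: peak_requests_in_one_window} for clients over the limit."""
    buckets: Dict[Tuple[str, int], int] = defaultdict(int)
    for client, ts in entries:
        buckets[(client, ts // window_sec)] += 1
    peak: Dict[str, int] = defaultdict(int)
    for (client, _window), n in buckets.items():
        peak[client] = max(peak[client], n)
    return {c: n for c, n in peak.items() if n > max_requests}

# ---- Constructed sample data ----------------------------------------------

def build_sample_flows() -> List[Tuple[int, str, int]]:
    lines = []
    # Normal traffic: 3 known clients, 1500 bytes each per second (36 kbps).
    for ts in range(1000, 1005):
        for i in range(3):
            lines.append(f"{ts} 203.0.113.{i} 1500")
    # Flood: 200 distinct sources each sending 15 KB per second (24 Mbps).
    for ts in (1005, 1006):
        for i in range(200):
            lines.append(f"{ts} 198.51.100.{i} 15000")
    return [parse_flow_line(line) for line in lines]

def build_sample_access_log() -> List[Tuple[str, int]]:
    lines = []
    for ts in range(2000, 2010):
        lines.append(f"192.0.2.10 {ts} GET /index.html")       # 1 req/s, legitimate
        for _ in range(30):
            lines.append(f"192.0.2.66 {ts} GET /search?q=x")   # 30 req/s, abusive
    return [parse_access_line(line) for line in lines]

if __name__ == "__main__":
    flows = build_sample_flows()
    baseline = estimate_baseline_bps(flows, training_seconds=5)
    print("volumetric alerts:", detect_volumetric_flood(flows, baseline))
    print("request-rate offenders:", detect_request_flood(build_sample_access_log()))
```

The volumetric check requires both conditions (volume spike and many distinct sources) so that a single large legitimate transfer is not mistaken for an attack; in production the baseline would come from a rolling history rather than the first few seconds, and the application-layer window would be keyed on something sturdier than the client IP alone, since the article notes that attack traffic arrives from many devices at once.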
DDoS Attacks on the Rise Globally
DDoS attacks have become more frequent and sophisticated in recent years. In the first half of 2024 alone, there was a notable 30% increase in the number of such attacks.
Particularly targeted industries include banking, financial services, and public utilities. Hacktivist activities and the increased use of DNS-over-HTTPS (DoH) for command-and-control (C2) systems have made detecting and defending against these attacks more challenging.
The Current State of Cyberattacks in Kenya
Kenya is not immune to the increasing threat of cyberattacks, with DDoS attacks being a significant part of this landscape.
In recent months, cyberattacks in the country have risen by 16.5%, driven largely by vulnerabilities in outdated systems and the rapid proliferation of insecure Internet of Things (IoT) devices.
Between April and June 2024, the Kenya Computer Incident Response Team (KE-CIRT) reported over 1.1 billion cyber threats, a significant portion of which were DDoS attacks.
In July 2023, Kenya faced a major DDoS attack that crippled essential services such as the e-Citizen platform, Kenya Power, and other financial services.
This attack highlighted the vulnerability of critical infrastructure and the increasing sophistication of cybercriminals targeting the country.
With DDoS attacks continuing to evolve, Kenyan organizations—especially those in telecommunications, financial services, and public utilities—are being urged to implement more robust cybersecurity measures. Enhanced monitoring and proactive defense strategies are essential to protect against the ever-growing threat posed by these attacks.
By mitigating these attacks early, both globally and in regions like Kenya, companies can prevent the large-scale disruption and reputational damage that often accompany cyber incidents.