Cloudflare claims it has mitigated the biggest cyber attack of its kind

By Sooraj Shah
12 Feb 2014

Cloud services firm Cloudflare has claimed it has recorded and mitigated the biggest ever cyber attack.

The cyber attack exploited the Network Time Protocol (NTP), a system for clock synchronisation between computer systems, by sending requests with fake (spoofed) source IP addresses to NTP servers. The servers then returned large responses to the fake IP addresses instead of the real senders. The method is a form of Denial of Service (DoS) attack, in which the victim is overloaded with data until it crashes.
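An added example, not from the article or from Cloudflare: one way a network operator could spot the reflected traffic described above in flow records, by flagging UDP packets from source port 123 that answer no request the recipient sent. The record layout, time window, byte threshold and sample flows are assumptions constructed for illustration.

```python
from collections import defaultdict

NTP_PORT = 123          # UDP port used by NTP
WINDOW = 5.0            # seconds a query stays "outstanding" (assumed value)
ALERT_BYTES = 10_000    # unsolicited bytes per host before alerting (assumed)

# Constructed flow records: (time, src_ip, src_port, dst_ip, dst_port, bytes).
# All addresses come from the RFC 5737 documentation ranges.
SAMPLE_FLOWS = [
    (0.0, "192.0.2.10", 40000, "198.51.100.1", 123, 76),   # genuine query
    (0.1, "198.51.100.1", 123, "192.0.2.10", 40000, 76),   # its reply
] + [
    # 30 large packets from three NTP servers to a host that never asked.
    (1.0 + i * 0.01, f"203.0.113.{i % 3 + 1}", 123, "192.0.2.20", 53000, 468)
    for i in range(30)
]


def find_reflection_victims(flows, window=WINDOW, alert_bytes=ALERT_BYTES):
    """Return {host: (unsolicited_bytes, distinct_ntp_servers)} for hosts
    receiving NTP responses they did not request."""
    outstanding = {}  # (client, server) -> time of the latest query
    unsolicited = defaultdict(lambda: {"bytes": 0, "servers": set()})

    for ts, src, sport, dst, dport, size in sorted(flows):
        if dport == NTP_PORT:
            # Traffic towards port 123 is a query (this also covers
            # server-to-server NTP, where both ports are 123).
            outstanding[(src, dst)] = ts
        elif sport == NTP_PORT:
            # A response: was there a recent query from dst to this server?
            asked = outstanding.get((dst, src))
            if asked is None or ts - asked > window:
                unsolicited[dst]["bytes"] += size
                unsolicited[dst]["servers"].add(src)

    return {
        host: (stats["bytes"], len(stats["servers"]))
        for host, stats in unsolicited.items()
        if stats["bytes"] >= alert_bytes
    }


if __name__ == "__main__":
    for host, (nbytes, servers) in find_reflection_victims(SAMPLE_FLOWS).items():
        print(f"{host}: {nbytes} unsolicited NTP bytes from {servers} servers")
```

The host that sent its own query is not flagged; only the one receiving responses with no matching request crosses the threshold.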

It is unknown who the target of the assault is, although it was focused on servers in Europe.

Cloudflare CEO Matthew Prince took to Twitter to reveal that Cloudflare was experiencing the attack.

"Very big NTP reflection attack hitting us right now. Appears to be bigger than the #Spamhaus attack from last year. Mitigating," he tweeted.

"Someone's got a big, new cannon. Start of ugly things to come."

The Cloudflare systems account then tweeted that "attacks have been mitigated. Performance should be at normal levels."

Prince believes that the attack was measured at 400Gbps – about 100Gbps larger than the attack on spam filtering service Spamhaus in March last year.

Cloudflare was involved in mitigating the Spamhaus attack too, which at the time was lauded as a cyber attack that could "take down the internet".

At the time, Computing questioned whether this was technically possible, with experts suggesting that it was impossible for any targeted attacks to break the internet. It was likely that the attack was perhaps the biggest in public knowledge, but far less likely to be the biggest attack ever, and perhaps the same applies here.

Ashley Stephenson, CEO of security firm Corero Network Security, said that the latest attack was a "cause for concern" and that it most likely will not hold the "biggest DDoS attack ever" title for too long.

He believes that ISPs should do more to protect their customers.

"There is a growing expectation that ISPs should enhance their network infrastructure and services with an additional layer of security, capable of inspecting and detecting malicious traffic closer to the source before it converges on the intended DDoS victim – who is frequently one of their own customers," he said.

Nathaniel Couper-Noles, principal security consultant at risk management consulting firm Neohapsis, believes that enterprises and individuals should research and implement network hardening techniques on the systems and networks they own.

"This often means tweaking system settings, or in certain cases may require tinkering with routers and switches," he said. "Product-specific hardening guides can be found online at reputable sites. As with all technology, the devil is in the details and effective management is important in getting it right."
