CLOUD OUTFIT Cloudflare has reported that it defeated a massive distributed denial of service (DDoS) attack that hit one of its customers on Monday.
Cloudflare revealed the attack on its Twitter accounts. On a systems account it posted that it was fighting off an attack on European and US fronts. "Mitigating a large attack hitting much of the EU," it said. "Continuing to work through attack, also affecting some of the US."
Performance seems to have fluctuated for a few hours, but settled down at about 10am this morning UK time. The @cloudflaresys account's last message read, "All sites have returned to production."
Cloudflare CEO Matthew Prince also took to Twitter to discuss the assault, and described it as huge.
"Very big NTP reflection attack hitting us right now. Appears to be bigger than the #Spamhaus attack from last year. Mitigating," he said. "Someone's got a big, new cannon. Start of ugly things to come."
Prince is referring to the 2013 DDoS attack on Spamhaus that Cloudflare helped investigate. "The attack, initially, was approximately 10Gbps generated largely from open DNS recursors," Cloudflare said in its report about the incident.
"On March 19, the attack increased in size, peaking at approximately 90Gbps. The attack fluctuated between 90Gbps and 30Gbps until 01:15 UTC on March 21."
This time the attack bandwidth was around 400Gbps, according to Prince, and employed a network time protocol (NTP) approach that works through the internet's distributed timekeeping. He added that an NTP reflection DDoS attack is "nastier than DNS reflection". µ