Cloudflare, an American company specializing in securing web services, recently thwarted a "monumental" cyberattack: with a peak of 7.3 terabits per second, it was apparently the largest DDoS attack ever recorded by its services in terms of throughput.
A significant portion of our modern society depends on digital services that have become almost indispensable to its functioning. Examples include DNS, which plays a central role in web browsing, hosting providers, financial services such as SWIFT, through which the vast majority of global transactions pass, as well as a large number of emergency services... If one or more of these players were put out of service by a cyberattack, even temporarily, we would be exposed to considerable disruption, with very real economic, logistical and security consequences.
For obvious reasons, most of these services are therefore extremely well protected. They are located in veritable digital fortresses, which are almost impossible to infiltrate, even for seasoned hackers.
What is a DDoS attack?
To disrupt their operation, malicious actors can therefore use another technique: the DDoS (Distributed Denial-of-Service) attack, which consists of flooding a target network with useless requests in order to saturate it. If the attack is large enough, the network becomes unresponsive, and all associated services are disrupted without the hacker having to find a breach in the defenses.
This is a type of attack that can be difficult to defend against, because DDoS exploits “vulnerabilities” that are absolutely essential to the operation of these services: the public entry points that allow legitimate users to access them.
Imagine a medieval fortress that represents one of these services. It can be surrounded by very high walls, populated by very attentive guards and riddled with locks that are almost impossible to pick: even the king of thieves will have a hard time infiltrating it.
But even the best-protected forts will always need an entrance door. If the rogue's goal is not to steal anything but simply to sow discord, he can recruit a horde of thousands of very angry villagers who will gather in front of the portcullis. The guards, completely overwhelmed, can no longer do their job properly and are forced to close off access entirely. Result: no intrusion has occurred, but legitimate visitors are unable to enter and all daily operations (commerce, political meetings, religious services, etc.) are interrupted.
In digital terms, this horde is often embodied by what is called a botnet — an army of zombie computers previously infected by a hacker. These are then exploited to participate in a large-scale coordinated attack by simultaneously sending thousands of unnecessary requests, with the aim of exceeding the server's capacity to handle all this traffic.
A record DDoS attack with a peak of 7.3 Tbps
If the botnet is large enough, the volume of traffic can quickly reach spectacular proportions — and Cloudflare's latest report is a good example. The company claims that last May, its anti-DDoS services stopped a major attack. In total, 21,925 ports on the customer's IP address were flooded with a torrent of 37.4 TB of data, the equivalent of more than 9,000 HD feature films... in just 45 seconds, with a total throughput reaching 7.3 Tbps.
According to Cloudflare, the attack originated from a very large botnet. On average, more than 26,500 IP addresses connected to the target every second, with a peak of more than 45,000. The majority of the affected devices were located in Brazil, Vietnam, and to a lesser extent in Taiwan and China.
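The three figures quoted above (throughput, source IP addresses per second, destination ports hit) are the aggregates a flow-based detector tracks. The sketch below is an added example, not Cloudflare's code: it computes them per second from constructed flow records and flags seconds that far exceed a rolling baseline; the record layout, the factor of 10 and the warm-up length are assumptions.

```python
from collections import defaultdict
from statistics import median

def sample_flows():
    """Constructed flow records (second, src_ip, dst_port, bytes); not real data."""
    flows = []
    for sec in range(100, 105):                      # five quiet seconds
        for i in range(5):
            flows.append((sec, f"198.51.100.{i}", 443, 1500))
    for i in range(200):                             # one flood second
        flows.append((105, f"203.0.113.{i}", 1024 + i, 1400))
    for i in range(5):                               # traffic returns to normal
        flows.append((106, f"198.51.100.{i}", 443, 1500))
    return flows

def per_second_stats(flows):
    """Map each second to (bits, unique source IPs, unique destination ports)."""
    acc = defaultdict(lambda: [0, set(), set()])
    for sec, src, dport, nbytes in flows:
        acc[sec][0] += nbytes * 8
        acc[sec][1].add(src)
        acc[sec][2].add(dport)
    return {sec: (bits, len(srcs), len(ports))
            for sec, (bits, srcs, ports) in acc.items()}

def detect_floods(stats, factor=10, warmup=3):
    """Flag seconds whose bit rate AND source or port spread exceed
    `factor` times the median of earlier unflagged seconds."""
    baseline, flagged = [], []
    for sec in sorted(stats):
        bits, srcs, ports = stats[sec]
        if len(baseline) >= warmup:
            b_bits = median(b[0] for b in baseline)
            b_srcs = median(b[1] for b in baseline)
            b_ports = median(b[2] for b in baseline)
            if bits > factor * b_bits and (srcs > factor * b_srcs
                                           or ports > factor * b_ports):
                flagged.append(sec)
                continue          # keep attack traffic out of the baseline
        baseline.append(stats[sec])
    return flagged

if __name__ == "__main__":
    stats = per_second_stats(sample_flows())
    for sec in detect_floods(stats):
        bits, srcs, ports = stats[sec]
        print(f"t={sec}: {bits / 1e6:.2f} Mbit/s, {srcs} sources, {ports} ports")
```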
Fortunately, this large-scale attack was thwarted in real time, and the services of the customer in question (whose identity has not been revealed for privacy reasons) were not affected. But these figures still reflect a rather worrying trend.
An increasingly trying standoff
Indeed, in recent years, we have seen hackers managing to coordinate increasingly massive DDoS attacks, with data volumes that continue to explode. In the early 2020s, the Tbps mark was crossed for the first time. Two years later, the record had more than tripled. In 2024, it passed beyond 5 Tbps. And since January 2025, three attacks exceeding 6 Tbps have already been documented.
Admittedly, defenders today still have a much greater redirection capacity (often on the order of several tens of Tbps). In the short term, the risks of disruption on a global scale therefore remain very low. But the size of botnets and the volume of traffic they are capable of generating seem to be increasing faster than this defense capacity. Beyond the raw data volume, it is above all the speed of this inflation that is worrying.
Furthermore, DDoS attacks are becoming increasingly sophisticated. For example, hackers are no longer just looking to occupy all available bandwidth. They are increasingly focusing on targeted requests that trigger heavy processes, with the aim of exhausting the server's CPU or RAM.
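Because such requests are few and small, limits based on bandwidth or request count do not see them; one mitigation is to budget each client by estimated processing cost. The following is an added example, not code from Cloudflare or any vendor: the endpoint paths, cost values, bucket capacity and refill rate are all assumptions, and the request trace is constructed.

```python
from collections import defaultdict

# Assumed relative processing cost per endpoint (hypothetical paths and values).
ENDPOINT_COST = {"/static/logo.png": 1, "/search": 20, "/export/report": 50}
DEFAULT_COST = 5

class CostBudget:
    """Per-client token bucket charged by estimated work, not request count."""

    def __init__(self, capacity=100, refill_per_sec=10):
        self.capacity = capacity
        self.refill_per_sec = refill_per_sec
        self.buckets = {}  # client -> (tokens left, time of last request)

    def allow(self, client, path, now):
        tokens, last = self.buckets.get(client, (self.capacity, now))
        # Refill for the time elapsed since this client's previous request.
        tokens = min(self.capacity, tokens + (now - last) * self.refill_per_sec)
        cost = ENDPOINT_COST.get(path, DEFAULT_COST)
        allowed = cost <= tokens
        self.buckets[client] = (tokens - cost if allowed else tokens, now)
        return allowed

def sample_requests():
    """Constructed one-second trace of (time, client, path)."""
    reqs = [(i / 30, "browser", "/static/logo.png") for i in range(30)]
    reqs += [(i / 10, "heavy", "/export/report") for i in range(10)]
    return sorted(reqs)

def replay(requests, limiter):
    """Return (served, rejected) request counts per client."""
    served, rejected = defaultdict(int), defaultdict(int)
    for now, client, path in requests:
        if limiter.allow(client, path, now):
            served[client] += 1
        else:
            rejected[client] += 1
    return dict(served), dict(rejected)

if __name__ == "__main__":
    print(replay(sample_requests(), CostBudget()))
```

In this trace the "heavy" client sends a third as many requests as the "browser" client, yet it is the one throttled, because each of its requests is charged 50 units against a budget of 100.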
In this context, only a handful of global players, such as Cloudflare or Google, may be able to keep pace. If this happens, we could find ourselves in a situation of over-centralization of security, with potentially terrible consequences if a link in this chain were to fail.
In conclusion, DDoS is no longer a simple technical problem reserved for network engineers: it is a systemic issue that increasingly threatens the stability of our connected societies. It will therefore be interesting to monitor both the evolution of techniques and defense infrastructures, hoping that they will remain capable of preventing a real digital cataclysm.