Web infrastructure company Cloudflare revealed on Monday that it had blocked a DDoS attack with a capacity of 71 million requests per second (RPS).

“Most attacks have reached between 50 and 70 million requests per second (RPS) with the largest exceeding 71 million,” the company said, calling it a high-volume DDoS attack.

It is also the largest HTTP DDoS attack reported to date, up more than 35 percent from the previous record DDOS attack of 46 million RPS that Google blocked in June 2022.

Cloudflare said the attacks came at a website protecting its network from a botnet of over 30,000 IP addresses belonging to several cloud service providers.

The websites targeted were a very popular gaming provider, cryptocurrency company, hosting provider and cloud platform.

HTTP attacks of this type are designed to send a tsunami of HTTP requests towards a website, usually more than the website can handle with the aim of making it inaccessible.
“Due to the sheer volume of requests, the website’s server cannot process all of the legitimate requests coming from users,” Cloudflare said.

“Users will see the website load slowly, not load at all, or even be unable to access it.”

The developments come as the size, frequency and level of sophistication of DDoS attacks has increased with the company recording a 79 percent increase in attacks compared to a year ago.

Additionally, the number of voluminous attacks lasting more than 3 hours has increased by 87 percent.
Some of the most attacked industries are aviation, education, gaming, hospital networks and telecommunications. Georgia, Belize and San Marino were some of the top countries targeted by HTTP DDoS attacks in the fourth quarter of 2022.

Network-level DDoS attacks, on the other hand, hit China, Lithuania, Finland, Singapore, Taiwan, Belgium, Costa Rica, the United Arab Emirates, South Korea, and Turkey.