Truth, Inspiration, Hope.

A Mere 5,000 Bots Just Set a DDOS Attack Record

Neil Campbell
Neil lives in Canada and writes about society and politics.
Published: June 17, 2022
Close-up of logo on facade at headquarters of cyber security company Cloudflare in San Francisco, California, June 10, 2019. The firm said that a botnet composed of only 5,000 devices just set the DDOS attack record last week, which was mitigated by the company’s services. (Image: Smith Collection/Gado/Getty Images)
Close-up of logo on facade at headquarters of cyber security company Cloudflare in the South of Market (SoMA) neighborhood of San Francisco, California, June 10, 2019. (Photo by Smith Collection/Gado/Getty Images)

A new record was just set for the largest Direct Denial of Service (DDOS) attack ever recorded, an especially notable event because it was conducted by just slightly more than 5,000 devices.

According to a June 14 blog post by DDOS mitigation tool provider Cloudflare, a 26 million request per second (rps) HTTPS-focused DDOS attack was delivered to an unidentified client, far eclipsing previous records of 17.2 million rps in August of 2021 and 15 million rps in April of this year.

Cloudflare stated that the record-setting attack “originated from a small but powerful botnet of 5,067 devices.”


“To contrast the size of this botnet, we’ve been tracking another much larger but less powerful botnet of over 730,000 devices,” the company explained. “The latter, larger botnet wasn’t able to generate more than one million requests per second, i.e. roughly 1.3 requests per second on average per device.”

They found that the record-setting botnet “was, on average, 4,000 times stronger” because it employed virtual machines and servers.

Cloudflare also stated that the HTTPS approach to the attack was especially notable because “HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection.”

The company explained that because of this, the attack was both significantly more expensive to launch, and to defend against. 

“We’ve seen very large attacks in the past over (unencrypted) HTTP, but this attack stands out because of the resources it required at its scale,” they said.

The assault was a high speed, international affair. It took under 30 seconds for the attacking network to generate 212 million HTTPs requests from 1,500 networks across 121 countries.

More than 15 percent of the traffic originated from Indonesia, while the United States, Russia, India, and Brazil were roughly tied around 5-7 percent, a bar graph illustrates.

In a different type of DDOS attack, Amazon Web Services stated it successfully blocked a record-setting attempt in June of 2020 that saw an attacker or group of attackers launch a 2.3 terabyte per second volumetric DDOS attack against an unidentified customer, according to ZDNet.

But that record was crushed in January of this year when Microsoft reported it had stopped a 3.47 terabyte per second volumetric attack, which “originated from approximately 10,000 sources from connected devices in the United States, China, South Korea, Russia, Thailand, India, Vietnam, Iran, Indonesia, and Taiwan,” stated ZDNet as well.

Microsoft Azure Project Manager Alethea Toh told the outlet, “We believe this to be the largest attack ever reported in history.”

The barrage, albeit massive, only lasted for approximately 15 minutes, they stated.

Cloudflare explained in a Q1 2022 trends assessment the difference between the two types of assaults, “Attacks with high bit rates attempt to cause a denial-of-service event by clogging the Internet link, while attacks with high packet rates attempt to overwhelm the servers, routers, or other in-line hardware appliances.”