Fighting a 25 million packets-per-second DDoS attack


An unnamed Asian company operating within what has been described as a 'high risk e-commerce industry' has been targeted by a botnet which launched a DDoS attack of unprecedented magnitude. According to Distributed Denial of Service mitigation experts Prolexic, which claims to have successfully combated the attack, the volume of this particular attack was nothing short of extraordinary.

How so? Well, consider that most high-end border routers employed by your average ISP are capable of forwarding around 70,000 packets per second typically. Now consider that the volume of this DDoS attack using TCP SYN Floods and ICMP Floods reached 25 million packets per second at its peak.

Prolexic were able to determine that the botnet being used by the attacker consisted of no less than 176,000 zombie computers. This in itself should be enough to raise eyebrows within the security industry seeing as the previous five attacks that Prolexic successfully mitigated featured no more than 5,000 to 10,000 bots being deployed for each.

Paul Sop, chief technology officer at Prolexic, explains that the Asian company being targeted had unsuccessfully attempted to stop the attacks for "many months" with the help of both the ISP and carrier concerned. However, the sheer volume of the packet flooding proved too much. Prolexic was able to mitigate the threat by distributing the traffic between a number of global Tier 1 carriers and 'scrubbing' network centers. Sop warns that this massive attack in Asia could be "an early warning beacon of the increasing magnitude of DDoS attacks that may be on the horizon for Europe and North America in the next 6 to 8 months" adding "high risk clients, such as those extremely large companies in the gaming and gambling industries in Asia, are usually the first targets of these huge botnets just to see how successful they can be."

About the Author

A freelance technology journalist for 30 years, I have been a Contributing Editor at PC Pro (one of the best selling computer magazines in the UK) for most of them. As well as currently contributing to, The Times and Sunday Times via Raconteur Special Reports, SC Magazine UK, Digital Health, IT Pro and Infosecurity Magazine, I am also something of a prolific author. My last book, Being Virtual: Who You Really are Online, which was published in 2008 as part of the Science Museum TechKnow Series by John Wiley & Sons. I am also the only three times winner (2006, 2008, 2010) of the BT Information Security Journalist of the Year title, and was humbled to be presented with the ‘Enigma Award’ for a ‘lifetime contribution to information security journalism’ in 2011 despite my life being far from over...

pseudorandom21 166 Practically a Posting Shark

Meh didn't LulzSec say something about an FBI botnet?

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Seriously, there's nothing meh about 25 million packets per second...

swebsitedesign -2 Newbie Poster

in this case no doubt risk for the clients will me much greater

ownstlucia 0 Newbie Poster

Unless the source of the bonets can be identified "victory" can only be temporary; they are simply chasing ghosts.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.