Cloudflare announced on its official social media platform that its automated protection system recently intercepted a hyper-volumetric DDoS attack, reaching peaks of 22.2 Tbps and 10.6 Bpps, claiming it was "twice the size of anything ever recorded on the internet." This statement primarily stems from social media announcements, and the technical details and attack vectors have not yet been fully disclosed in the official blog post. Further technical reports will be released.
For reference, the latest records reported by various media outlets and official sources in early September were 11.5 Tbps and 5.1 Bpps. If the 22.2 Tbps/10.6 Bpps figures are officially confirmed, they would surpass the previous peaks. Cloudflare also emphasizes on its website that its global network capacity is in the hundreds of Tbps, claiming it is sufficient to absorb extremely large-scale flooding traffic. However, scrubbing capabilities and routing strategies vary among different vendors.
Frequently Asked Questions
Q: What do 22.2 Tbps and 10.6 Bpps mean?
A: Bandwidth and peak packet rate, respectively, refer to the maximum amount of data and number of packets per second reached by an attack at a certain moment. They are two major indicators for measuring the intensity of "flooding".
Q: Has this been officially confirmed in a technical blog post?
A: This is Cloudflare's social media statement. Complete technical details and traceability analysis have not yet been released.
Q: How does this relate to the previous record of 11.5 Tbps?
A: If subsequent reports confirm 22.2 Tbps, it will more than double the previous peak record of 11.5 Tbps.
Q: How is the cleaning/mitigation capability assessed?
A: The key lies in the total global network capacity, edge node distribution, automated detection and quick disconnection strategies; the supplier's available redundancy and re-injection paths are equally important.
Q: Why do I need to look at both Tbps and Bpps?
A: Large packet rates put pressure on bandwidth, while small packet rates put pressure on forwarding and CPU. The two have different pressure mechanisms on the network and devices, and both require attention.
