The Mirai botnet has launched a record-breaking distributed denial-of-service (DDoS) attack, reaching a staggering 5.6 terabits per second (Tbps). This massive assault, detected on October 29, 2024, targeted an internet service provider (ISP) in Eastern Asia. The attack was facilitated by over 13,000 compromised Internet of Things (IoT) devices, including some linked to Indonesia.
Reports highlight that the attack lasted only 80 seconds, with 5,500 unique source IP addresses observed per second. Each device contributed approximately 1 Gbps during the attack. The scale of this event surpassed a previous DDoS record of 3.8 Tbps reported earlier the same month.
The incident sheds light on the alarming rise in DDoS attacks globally. In 2024, researchers observed over 21.3 million DDoS attacks, marking a 53% increase from the previous year. High-volume attacks, exceeding 1 Tbps, surged by 1,885% within the final quarter alone. Southeast Asia, including countries like Indonesia and Hong Kong, emerged as major sources of such malicious activities.
Experts noted the growing role of Mirai-based botnets in these attacks. These botnets exploit vulnerabilities in IoT devices, such as weak passwords and outdated software, to hijack them for cybercriminal activities. Attack vectors like SYN floods, DNS floods, and UDP floods were the most common methods, contributing to the sharp increase in volumetric DDoS assaults.
Preventing the Threat
To combat this escalating threat, users must secure IoT devices by updating software regularly and using strong, unique passwords. Organizations should invest in robust DDoS protection solutions and monitor network traffic for unusual patterns. Collaborating with cybersecurity experts and educating users about device security can significantly reduce vulnerabilities.
