Cloudflare Hong Kong being destroyed by 300Gbps+ attack on one site!

[MG2R]

Recently, Cloudflare Hong Kong has been hit with a DDoS attack of over 300 Gbps towards one site, owned by a political group trying to hold a controversial referendum. Cloudflare knew attacks would be incoming, and the service is still up somehow, but this scale of attack is scary nonetheless!

 

Battling 300Gbps+ attack right now. Knew it was coming so well prepared. Helluva story someday. pic.twitter.com/YJW9u5TBoL

— Matthew Prince (@eastdakota) June 20, 2014

 

A while ago, an attack of this scale was considered a threat to the Internet as a whole:

 

A DDoS attack on spam organization Spamhaus last year is widely considered to be the biggest attack in history. At its peak, the organization was dealing with a 300 billion bits-per-second DDoS, the repercussions of which CloudFlare says “almost broke the internet.”

 

Original source: http://thenextweb.com/asia/2014/06/20/cloudflare-hong-kong-democracy-movement-battling-one-largest-ddos-attacks-history/

 

Or, as @foxhound590 would put it:

An attack of this scale would put the whole of Africa without Internet.

 

 

 

----------------------------------

EDIT

 

It would appear that another site supporting the referendum is being hit as well, reports @snowComet here.

 

Original source: http://www.scmp.com/news/hong-kong/article/1535484/apple-daily-website-taken-offline-cyberattack-ahead-occupy-vote

Edited June 23, 2014 by MG2R
Corrected spelling mistakes, appended new info

[Epitome]

GG Cloudflare

[Legion]

That is one big ass botnet.

 

 

This feels appropriate 

https://www.youtube.com/watch?v=efHCdKb5UWc

[Askew]

Holy balls that's a lot of bandwidth

[bradscoolio]

GG no RE Cloudflair

[TopWargamer]

Damn, how are they still online!?

[terrytek]

*insert slow, sarcastic clap here*

[Vanderburg]

That much traffic is probably something simple like NTP reflection, so the original attack is not anywhere near that size.

[Juggernautilus]

I remmember when a ddos about this big shut down League of Legends, Blizzard, EA games and even Club Pengiun in a matter of minutes. There were rumours that it was just a test to see how effective their botnet is.

[AMICLG]

Damn, how are they still online!?

They have servers all around the world and they move everything off the server/s being attacked to others which is exactly what happen when there were DoS and DDoS attacks on LulzSec. It's the Layer 3 attacks like this that they have problems with as it's so much traffic eventually the server will go down with enough traffic. Further more this attack caused no damage to whatever site/servers they were trying to take down as Cloudflare works as a reverse proxy so the actual server isn't even touched so they're just being a nuisance to Cloudflare.

 

Edited again lol.

[prolemur]

Holy balls! I want a botnet

[TopWargamer]

They have servers all around the world and they move everything off the server/s being attacked to others which is exactly what happen when there were DoS and DDoS attacks on LulzSec. It's the Layer 3 attacks like this that they have problems with as it's so much traffic eventually the server will go down.

Huh, makes sense. Thanks for the explanation.

[Fred Castellum]

Serves em right, the government is always propaganda this and propaganda that. 

[snowComet]

Actually not just the voting site was hit by cyber-attack, media which support this referendum was reporteded to be under attack as well, but not as severe as the cloudfare one. But what does Prince means in his tweet, " prioritizes TLSv1/DES-CBC3-SHA"?

http://www.scmp.com/news/hong-kong/article/1535484/apple-daily-website-taken-offline-cyberattack-ahead-occupy-vote

[prolemur]

Would it be harder to take down a site with hardly any data or a lot of data?

 

Like if they were just loading a webpage and waiting for it to finish then re-loading without cache and repeating. Everything else being the same. Would it be less gb/s if their webpage was smaller?