So yesterday, the New York Times and the BBC both reported that the ‘internet’ was slowed down due to a massive DDoS attack…
Similarly, CloudFlare, the company hired to mitigate the DDoS had this alarming post about the attack.
While the DDoS attack did indeed happen, the effects of it affecting the very infrastructure of the internet is at best…hyperbole.
Gizmodo took a good look at it and the argument it makes that this is overblown marketing for CloudFlare is pretty convincing.
Renesys, a global company which devotes the entirety of its time to monitoring the status of the internet, had this to say:
We believe that the DDOS attack potentially had severe impacts on the websites it was directed at, however, according to our data, the Internet as a whole did not experience a wide spread disruption.
Just to put it in perspective the traffic estimates for the DDOS attack were as high as 300 Gbps at the target. That would easily overwhelm the average hosting center, but not a core component of the Internet. For example, DECIX, the German Internet exchange in Frankfurt, regularly handles 2.5 Tbps at peak on any given day:
While it may have severely affected the websites it was targeted at, the global Internet as a whole was not impacted by this localized incident.
A spokesperson for NTT, one of the backbone operators of the Internet further confirmed this finding:
I’m afraid that we don’t have anything we can share that substantiates global effects. I’m sure you read the same 300gbps figure that I did, and while that’s a massive amount of bandwidth to a single enterprise or service provider, data on global capacities from sources like TeleGeography show lit capacities in the tbps range in most all regions of the world. I side with you questioning if it shook the global internet.
Goes to prove that even the big boys can get it wrong. This doesn’t mean that CloudFlare isn’t good at what they do, they probably are, but exaggerating attacks like these are unethical and tarnish what is otherwise a pretty solid achievement by CloudFlare. This also doesn’t meant that DDoS attacks aren’t damaging, they are! BolehVPN in fact is the frequent target of these for whatever reasons. Just…stick to the facts guys and leave the hyperbole to the tabloids.