Cloudflare revealed that on June 21 it detected and mitigated a packet-based volumetric DDoS attack that peaked at 754 million packets-per-second. According to researchers, that peak was part of a four-day attack from June 18-21 that saw traffic from more than 316,000 different IP addresses directed at a single Cloudflare address.
In a blog post, Cloudflare researchers reported that the attack used a combination of three TCP attack vectors: SYN floods, ACK floods, and SYN-ACK floods. Over the four-day period, the attack sustained rates exceeding 400-to 600 million packets-per-second for hours at a time, and peaked above 700 million packets-per-second multiple times.
The packet-based attack attempted to overwhelm Cloudflare's routers and data center appliances rather than flood the in-bound data connections. The company says that these huge attacks persist despite a general decrease in the size and duration of DDoS attacks during the last year.