Cloudflare revealed it had contained the largest distributed denial-of-service (DDoS) attack ever recorded, with traffic spiking to 11.5 terabits per second (Tbps). The massive flood, traced largely to Google Cloud infrastructure, targeted a single IP address and tested the resilience of defensive systems. Though the attack lasted just 35 seconds, its velocity and scale were without precedent.
Final Call: Be DPDP Act Ready with FCRF’s Certified Data Protection Officer Program
Surpassing Earlier Milestones
This assault represents a 12 percent increase over Cloudflare’s previous record of 7.3 Tbps, reported in June 2025. That earlier attack generated 37.4 terabytes of data in only 45 seconds—enough to stream 9,350 HD movies or download millions of songs almost instantly. Cybersecurity journalist Brian Krebs has documented attacks of similar magnitude, but this incident outpaced those benchmarks by more than 1 Tbps, signaling an escalation in the cyber arms race.
Anatomy of the Attack
The DDoS offensive was overwhelming in design. On average, it hammered 21,925 ports per second, peaking at 34,517. Nearly 99.996 percent of traffic consisted of UDP floods, a brute-force tactic intended to swamp servers with requests. Supplementary vectors included QOTD, Echo, NTP, Mirai, Portmap, and RIPv1, making the flood not only massive but also multi-pronged. Such precision suggests attackers had access to considerable computing resources, likely hijacked from compromised cloud systems.
Implications for Cybersecurity
The incident underscores how brief yet powerful attacks are becoming a preferred weapon. By condensing years’ worth of data into mere seconds, attackers exploit the lag between detection and defense. Cloudflare’s success demonstrates the necessity of automated, adaptive mitigation, but it also raises alarms about the scale and accessibility of attack tools. As cloud platforms are weaponized, organizations must prepare for assaults that strike not for hours, but for moments—yet carry the impact of a digital earthquake.