OVH DDOS attack

All hosting providers get DDOSed eventually. This is either because they are hosting something that a hacker does not like, or a cyber criminal organization is trying to get ransom money from the hosting provider.

In the past week hosting provider OVH has been hit by a massive DDOS attack. I mean, really really huge. Maybe the largest DDOS attack the Internet has seen to date.

The amount of DDOS traffic sent to OVH was measured to be around one terrabit per second. 1Tbps is larger than all but the largest networks can accommodate.

Think about it this way, a normal home connection has a few megabits per second. A business might have a 100Mbps connection. Many Internet companies have ten times this amount: a gigbit connection.

A gigbit connection is good enough for many Internet companies. For those who need more, tehy can get multiple gigabit uplinks.

If a company really passes a lot of traffic they can get a 10 gigabit connection or even multiple gigabit connections.

Multiple ten gigabit connections are not that common. A small ISP might have a multiple ten gigabit connection. Heck, some rural ISPs can function just fine with a single ten gigabit connection, or less.

Backbone ISPs are the really big players. These are the really large Internet providers that other smaller ISPs buy Internet transit from. Think of companies like Level 3 and Telia. These companies have ports that got up to 100 gigabits per second. A 100Gbps connection is huge. And you need ten of those to make a single terrabit connection.

So this OVH DDOS was the size of ten 100 gigabit ports. I really cannot stress to you how much bandwidth this is.

This attack consisted of 145,607 different hacked IP addresses. These IPs were controlled by a botnet and most of them belong to Internet devices such as cameras, home routers, video recorders, etc. These types of devices connect to the Internet, but have little to no security. This allows hackers to write scripts that scan the Internet, hack these devices and then control the devices.

If you have a Internet device like a video recorder, a Roku, an IP camera, and IP printer, etc. you might actually be part of a botnet. hackers might have gained access to this device and use it to send DDOS traffic onto the Internet from your home.

These massive DDOS attacks are getting more common as more insecure Internet devices are connected to the Internet at large.

OVH happened to be the target this time, but it can just as easily happen to any hosting provider.