Massive DDoS attack hits Chechen news agency

A massive distributed denial of service (DDoS) attack that peaked at 45 million packets per second (pps) has smashed into the Chechen internet news agency Kavkaz Center.

The attack was said to be among the largest on record. It lasted two months and took the agency’s main Sweden-based server and mirror sites offline last month.

Visnet, a European DDoS mitigation vendor recruited by the agency, did not know who was behind the attacks.

“The origin of the attack is undetermined as this pasting was orchestrated to use spoofed IPs,” the company told SC.

However the agency has plenty of enemies within Russia. It was deemed “an official organ” of the Emarat Kavkaz terrorist organisation that operates within the North Caucasus. The UN Security Council says the outfit is linked to Al-Qaeda.

Russia has since pressured Swedish authorities to take down the web site which is hosted by PRQ, a company owned by the founders of The Pirate Bay.

The Kavkaz Center alleged in a blog this week that the attacks peaked when Russia’s UN ambassador Vitaly Churkin raised Moscow’s bid to take down the site at a UN Security Council meeting.

The DDoS SYN flood peaked at some 25 gigabits per second and sent up to 2 million pps to the agency’s mirror sites.

One of the largest packet-per-second attacks on the public record was detected in November last year.

Paul Sop, chief technology officer of DDoS prevention agency Prolexic told SC at the time that the 69 million pps attack targeted a Taiwanese retailer from servers based in China.

Application layer attacks were traditionally the most common form of DDoS according to Prolexic, but have been overtaken by infrastructure layer attacks via ICMP, SYN and UDP floods.

Copyright © SC Magazine, Australia