Skip to main content

‘Biggest ever’ DDoS hacking attack hits Europe

The largest distributed denial of service (DDoS) attack on a European network took place on Monday, prompting fears that it could be a sign of "ugly things to come".

The cyber-attack was reported by anti-DDoS protection firm Cloudflare, who claimed that it was bigger than the Spamhaus attack last year - described at the time as the world's largest cyber-attack.

The attack seems to have stemmed from weaknesses in the Network Time Protocol (NTP), usually used to synchronise clocks on computers.

Hackers exploited the weaknesses to send vast amounts of data through the NTP server in an effort to bring down the system.

Few details have emerged of the attack, though it has been reported by Cloudflare that close to 400 gigabits per second (Gbps) were sent. By comparison, the Spamhaus attack last year measured at around 300 Gbps.

Matthew Prince, the CEO of Cloudflare, said that it was primarily European servers that were targeted.

"There was extra latency in Europe. Overall,(the) network was unaffected," Prince told Tech Week Europe. "[It was] very big. Larger than the Spamhaus attack from last year.

"Volume based so congesting at Layer Three in some parts of Europe. Hitting our network globally but no big customer impact outside of Europe."

In a tweet yesterday, Prince said that the attack had been "largely mitigated", but said that the attack was "big enough it caused problems even off our network, which is super annoying".

"Someone's got a big, new cannon," he added. "Start of ugly things to come."

Malicious NTP-based attacks had previously been predicted by Cloudflare in a blogpost last month.