DigiCert Discloses Details of Two Massive DDoS Attacks
None
<p>DigiCert revealed today that over the last month it has <a href="https://www.digicert.com/blog/how-ultraddos-protect-stands-up-to-multi-terabit-attacks">thwarted two separate distributed denial of service (DDoS) attacks</a> that peaked at more than 2.4 and 3.7 terabits per second (Tbps).</p><p>Carlos Morales, senior vice president and general manager for DDoS and application security at DigiCert, said both attacks were thwarted by UltraDDoS Protect network but it’s also now a matter of time before these attacks might one day peak at 20-Tbps or higher.</p><p>The first 2.4-Tbps attack was aimed at an organization based in the Europe and Middle East (EMEA) region and had an impact of 553 Million packets per second (Mpps). The second 3.721-Tbps attack was aimed at an organization in the U.S. that had a 336 Mpps attack, with peak traffic rates lasting more than two minutes.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwxXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p>The attack sources were widely distributed with the United States, Mexico, Canada, Japan, Israel and Taiwan being the sources of most of the traffic, with approximately 3 Gbps per aimed at the IP destination by the 3.7-Tbps attack.</p><p>There were also multiple smaller follow-on attacks after the initial surge, and all traffic was destined to port 443 which is the default for most web traffic, so it could not be simply filtered at the network border.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="9bc2991b5e0d3f8291ca0d22-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="9bc2991b5e0d3f8291ca0d22-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p>The DigiCert UltraDDoS Protect provides more than 15-Tbps of dedicated DDoS bandwidth to thwart these types of attacks, but it’s probable DDoS networks will need to scale higher to thwart DDoS attacks that are only going to increase in volume as cybercriminals continue to harness insecure infrastructure in the Internet of Things (IoT) era to launch carpet bombing types of attacks, said Morales.</p><p>In fact, with the rise of various illicit bot services it’s never been easier for cybercriminals to launch a DDoS attack, noted Morales. More troubling still, cybercriminals will also soon be using artificial intelligence (AI) to discover even more insecure devices to compromise, which will help fuel even larger attacks, he added.</p><p>Ultimately, any company that is relying on the Internet to drive revenue is at risk of a DDoS attack that could cripple their operations. It’s not clear how many organizations are not relying on some type of DDoS protection service to thwart these attacks, but as the volume and frequency of these attacks increases it is all too apparent that cybercriminals are enjoying enough success to warrant the effort, especially as the cost of launching these attacks continues to decline. In effect, these attacks are reaching a level of intensity that is going to be beyond the ability of any enterprise to thwart themselves, said Morales.</p><p>Hopefully, there will come a day when law enforcement officials working in collaboration across jurisdictions will be able to take down the botnets that are used to launch these attacks. In the meantime, however, cybersecurity teams at this point should assume it’s not only a matter of time before their organization is targeted. The issue then becomes determining how much protection will be needed based on the actual risk to the business a specific DDoS attack might represent.</p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2025/08/digicert-discloses-details-of-two-massive-ddos-attacks/" data-a2a-title="DigiCert Discloses Details of Two Massive DDoS Attacks"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fdigicert-discloses-details-of-two-massive-ddos-attacks%2F&linkname=DigiCert%20Discloses%20Details%20of%20Two%20Massive%20DDoS%20Attacks" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fdigicert-discloses-details-of-two-massive-ddos-attacks%2F&linkname=DigiCert%20Discloses%20Details%20of%20Two%20Massive%20DDoS%20Attacks" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fdigicert-discloses-details-of-two-massive-ddos-attacks%2F&linkname=DigiCert%20Discloses%20Details%20of%20Two%20Massive%20DDoS%20Attacks" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fdigicert-discloses-details-of-two-massive-ddos-attacks%2F&linkname=DigiCert%20Discloses%20Details%20of%20Two%20Massive%20DDoS%20Attacks" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fdigicert-discloses-details-of-two-massive-ddos-attacks%2F&linkname=DigiCert%20Discloses%20Details%20of%20Two%20Massive%20DDoS%20Attacks" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div>