The peacock mantis shrimp is very pretty, but don’t let it fool you. That little seven-inch crustacean throws a punch that boils the surrounding water, making a shockwave that shreds its prey and creates a flash of light from the sheer force.
In fact, the wake of this punch is so strong, it can hurt crabs that the actual punch misses.
When Cloudflare gave a small botnet (only about 5k bots) the name Mantis, they had this little undersea hunter in mind.
Fast, lethal, not to be taken lightly.
It launched more than 3,000 HTTPS distributed denial-of-service attacks (flooding a server with requests to essentially cripple it) at a rate of 26 million requests per second. It was able to get these speeds by hijacking virtual machines, allowing it to send traffic from cloud service providers (rather than slower home ISPs).
Cloudflare was able to thwart the attack, and that’s a good thing.
Just like its namesake, DDoS attacks are fast and lethal. By the time a person notices them, the attack is over, and the damage is done. Just as troubling is that these were HTTPS attacks rather than the lower energy HTTP requests.
The difference in processing power (and expense) in thwarting an HTTPS attack is pretty stark. Worse yet, some security measures don’t perform packet sniffing on “secure” data (which may be hiding something nasty). There’s some bad news.
There isn’t a whole lot you can do to prevent this kind of attack from coming to your doorstep. You can stop them at the gate though. This is good because the onslaught won’t take down your site or service. But it’s still going to cost resources.
Put simply, attackers use HTTPS because it costs more to stop.
Still, the only thing worse than spending to stop a mantis shrimp from punching you is having one make contact and knock you out.
