Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

HTTP DDoS Attacks Reach Unprecedented 17 Million Requests Per Second

HTTP DDoS Attacks Reach Unprecedented 17 Million Requests Per Second

A distributed denial-of-service (DDoS) attack earlier this year takes the top spot for the largest such incident, peaking at 17.2 million requests per second (rps).

The attack was recorded by Cloudflare’s DDoS protection systems and accounted for almost 70% of all average rate for legitimate HTTP traffic for the second quarter of 2021.

Short-lived DDoS attack

The assault lasted less than a minute in July and sent more than 330 million requests targeting an organization in the financial industry.

It peaked at 17.2 million but maintained a steady push around 15 million for about 15 seconds.

While the duration of the attack is not impressive, its force does indicate that the threat actors in the DDoS business are increasing their capabilities.

Also Read: What is Social Engineering and How Does it Work?

Cloudflare says that the attacker leveraged a botnet of at least 20,000 devices from all over the world. Most of the IP addresses generating the attack traffic were in Indonesia (15%), followed by India and Brazil (17% combined).

Omer Yoachimik, product manager for Cloudflare’s DDoS Protection Service, says that this HTTP DDoS attack that Cloudflare mitigated is “almost three times larger than any previous one that we’re aware of.”

To paint a better picture of the magnitude of the assault, Cloudflare’s typical serving load is above 25 million HTTP requests every second. At its strongest, the July DDoS attack reached 68% of that capacity.

Yoachimik says that the botnet behind the attack just last week has also targeted a hosting provider with the same type of attack but its peak was below eight million requests per second.

Other notable DDoS attacks that Cloudflare detected and thwarted came from a Mirai-based botnet that showed more than once it could send more than one terabyte of bad traffic every second.

At its strongest, the botnet delivered close to 1.2Tbps of junk traffic, some of the targets being a major internet, telecommunications, and hosting provider in the APAC region, and a gaming company.

“The Mirai botnet started with roughly 30K bots and slowly shrinked to approximately 28K. However, despite losing bots from its fleet, the botnet was still able to generate impressive volumes of attack traffic for short periods. In some cases, each burst lasted only a few seconds” – Cloudflare

Also Read: 4 Reasons Why You Need an Actively Scanning Antivirus Software

Mirai was discovered in 2016 and its source code was released to the public after the devastating attacks on the website of investigative reporter Brian Krebs, the infrastructure of French host provider OVH, and of global DNS provider Dyn.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us