Why Your Router Could Crash the Internet With DDoS Attacks

Your home router or security camera might be a weapon in a global cyberattack. On October 6, 2025, the Aisuru botnet, a network of 300,000 compromised IoT devices, launched a record-shattering 29.6 terabit-per-second DDoS attack against a measurement server, demonstrating unprecedented attack capacity. This wasn't a one-off; attacks targeting Minecraft servers and ISPs like OVH have disrupted millions. The culprit? A dangerous mix of vulnerable devices and blazing-fast home internet connections.

Residential broadband has evolved dramatically. With fiber-to-the-home now offering 1-2 Gbps upstream speeds from providers like AT&T and Comcast, a single compromised device can flood networks with traffic. Combine that with cheap, powerful IoT hardware, and cybercriminals have a perfect storm for chaos. A $1 chip in a smart camera can now generate enough traffic to choke critical internet infrastructure.

The 2016 Mirai botnet showed how IoT vulnerabilities could wreak havoc, knocking KrebsOnSecurity offline with a 620 Gbps attack. It exploited default passwords on devices like IP cameras, a problem that persists today. Fast forward to 2025 and the Aisuru botnet's 15 Tbps attack on TCPShield, a protector of 50,000 Minecraft servers, forced OVH to drop them as a client due to network strain. The lesson? Attackers have scaled up, leveraging faster home connections to amplify damage.

Mirai relied on brute-force logins, but Aisuru uses advanced tactics like zero-day exploits in routers from brands like Cambium Networks and has allegedly compromised firmware distribution channels, including those of Totolink. While Mirai's fallout was temporary, Aisuru's persistence highlights a grim reality: reboots clear infections briefly, but devices are reinfected within minutes. Both cases show manufacturers' failure to prioritize security leaves users and networks exposed.

ISPs like Verizon and Comcast face a tough challenge. With CGNAT, thousands of users share a single IP address, so blocking a compromised device risks cutting off entire neighborhoods. Aisuru's 'carpet bombing' tactic spreads attack traffic across network blocks, evading traditional detection systems. Even top-tier providers struggle to filter outbound traffic without massive infrastructure upgrades.

Gamers feel the pain most acutely. On October 6, 2025, Aisuru hit Steam, Riot Games, and PlayStation Network, disrupting millions of players. Protection services like TCPShield can't keep up when attack volumes soar past 20 Tbps. For ISPs, balancing customer privacy with aggressive monitoring raises ethical questions, while costs for advanced filtering deter smaller providers.

Solutions exist, but they're not simple. Regulators, like those behind the EU's Cyber Resilience Act, are pushing for mandatory IoT security standards, such as eliminating default passwords and ensuring firmware updates. A bold idea gaining traction is capping IoT device bandwidth at 10 Mbps unless higher speeds are justified, limiting their attack potential. Manufacturers like Tenda and Cambium Networks need to step up with better designs and longer support cycles.

ISPs could notify users of infected devices, partnering with manufacturers to guide remediation. Collaborative efforts between Cloudflare, Akamai, and research groups like QiAnXin XLab could accelerate threat detection. Without action, the 25 billion IoT devices projected by 2030 will only fuel bigger attacks, threatening everything from gaming to critical infrastructure.

Tighter IoT security could restrict innovation or raise device costs, a concern for budget manufacturers. Monitoring outbound traffic might erode user privacy, as ISPs would need to inspect data more closely. Yet, doing nothing isn't an option when a single hacked router can disrupt global services. The 2016 Dyn attack took down Twitter and Netflix, and Aisuru's 2025 rampage shows the stakes are higher now.

Collaboration is key. NIST and CISA could lead public-private efforts to set enforceable standards, while gamers and consumers demand accountability from device makers. The internet's stability hangs in the balance, and fixing this mess requires everyone, ISPs, manufacturers, and users, to take responsibility before the next 30 Tbps attack hits.