Microsoft stops record-breaking 2.4 Tbps DDoS attack
Record levels of DDoS attacks were a major headache for security teams last year. But the latest in a series of high-profile strikes might signal even more unprecedented DDoS floods in the near future.
In a Monday blog post, Microsoft said that an undisclosed European Azure cloud platform customer suffered a record-breaking 2.4 Tbps (terabytes per second) distributed denial-of-service (DDoS) attack. Thankfully, it was mitigated by Azure’s DDoS protection platform.
According to Amir Dahan, senior program manager at Azure Networking, the attack was carried out during the last week of August by a botnet leveraging approximately 70,000 infected devices located across Malaysia, Vietnam, Taiwan, Japan, China, and the United States.
“This is 140 percent higher than 2020's 1 Tbps attack and higher than any network volumetric event previously detected on Azure,” said Dahan.
Dahan explained that the Azure attack from August, which lasted more than ten minutes, was carried out in three “very short-lived bursts,” with the first peaking at 2.4 Tbps, the second at 0.55 Tbps, and the third at 1.7 Tbps.
Just the tip of the approaching iceberg?
The August attack comes in the wake of multiple massive high-profile DDoS attacks of increasing scale and frequency. In terms of bitrate, the previous record-breaking DDoS attack was a 2.3 Tbps strike reported by Amazon Web Services in February 2020. In September, the Mēris botnet hit the Russian internet giant Yandex with a massive 21.8 million RPS (requests per second) DDoS attack, which currently holds the DDoS record in terms of RPS.
“More industries are being targeted, particularly higher education, healthcare, telecoms, and public sectors,” warns Dahan. According to him, DDoS attacks of this size “demonstrate the ability of bad actors to wreak havoc by flooding targets with gigantic traffic volumes trying to choke network capacity.”