Microsoft announced to have mitigated a record 3.47 Tbps distributed denial of service attack targeting an Azure customer, the largest DDoS to date
Disclosed August 2022, was the 3rd HTTPS attack this year to get to 10s of millions of RPS, after two lower-volume assaults were mitigated by Cloudflare.
The very first of them peaked at 15.3 million RPS, Cloudflare revealed in April, while the 2nd reached 26 million RPS, the web security company introduced in June. The strike that Google revealed today clearly towers over the previously divulged incidents, as it was roughly 76% bigger compared to the previous record.
The attack, Google states, began at 9:45 am PT, on June 1, as well as lasted for roughly 69 mins. For most of its duration, the attack was low-intensity– it jumped from 100,000 to 46 million RPS within 10 secs, however reduced over the next minute and a fifty percent to the first degrees Read More
Microsoft announced that its Azure DDoS protection platform has mitigated a record 3.47 Tbps attack that targeted one of its customers with a packet rate of 340 million packets per second (pps). The news of the attack was reported in the “Azure DDoS Protection —2021 Q3 and Q4 DDoS attack trends.”
“In November, Microsoft mitigated a DDoS attack with a throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps), targeting an Azure customer in Asia. We believe this to be the largest attack ever reported in history.”
“Attack vectors were UDP reflection on port 80 using Simple Service Discovery Protocol (SSDP), Connection-less Lightweight Directory Access Protocol (CLDAP), Domain Name System (DNS), and Network Time Protocol (NTP) comprising one single peak, and the overall attack lasted approximately 15 minutes.”largest DDoS to date, reads the report.
The Largest DDoS To Date
The largest DDoS to date, took place in November and hit a customer in Asia, it originated from approximately 10,000 sources and from multiple countries across the globe, including the United States, China, South Korea, Russia, Thailand, India, Vietnam, Iran, Indonesia, and Taiwan.
The 3.47 Tbps attack was the largest DDoS to date that MS has had to mitigate
The IT giant also reported that other two massive DDoS attacks targeted Asian Azure customers in December, they peaked at 3.25 Tbps and 2.55 Tbps respectively.
Microsoft pointed out that as with the first half of 2021, the majority of the DDoS attacks were short-lived, experts observed a rise in attacks that lasted longer than an hour, with the composition more than doubling from 13 percent to 27 percent. The researchers warn that multi-vector attacks continue to remain prevalent.
Predecessor of the Largest DDoS To Date
In October, Microsoft announced that its Azure cloud service mitigated a 2.4 terabytes per second (Tbps) DDoS attack at the end of August, it represented the largest DDoS to date recorded, but the recent attack overwhelmed it. The attack hit the Russian internet giant Yandex and was launched by a new DDoS botnet, tracked as Mēris (Latvian word for ‘plague’).
“The concentration of attacks in Asia can be largely explained by the huge gaming footprint10, especially in China, Japan, South Korea, Hong Kong, and India, which will continue to grow as the increasing smartphone penetration drives the popularity of mobile gaming in Asia.” concludes the report. “In India, another driving factor may be that the acceleration of digital transformation, for example, the “Digital India” initiative11, has increased the region’s overall exposure to cyber risks.”
DDoS attacks have evolved a lot over the years, and they changed the meaning of using brute force. It probably won’t be long until we see the next largest DDoS to date. The worst thing is that analysts expect that they will continue to grow bigger, more violent, and more powerful in years to come.
Hackers are creating bigger botnets by hacking more devices, and the advancements of technology and the introduction of all kinds of smart gadgets are making it happen even faster. The only way to fight against this kind of attack would be to spread awareness about securing user devices. Anything that has a connection to the internet can be used as a device, and the more we progress towards a smart society, the more weapons bad actors get at their disposal.
Meanwhile, DDoS attacks are not only increasing in strength, but also in the number, and there are even services that offer DDoS for hire, which the authorities have desperately tried to dismember for years now, with only partial success.
Article data correct at time of writing, January 27th 2022.
You may also enjoy reading, Assange Wins First Stage in Effort to Appeal US Extradition
Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for RiSec Weekly Cybersecurity Newsletter Today
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
- UK bans Chinese CCTV cameras at ‘sensitive’ government locations - 26 November 2022
- Chrome Update: Exploited Zero-Day Vulnerability fixed by Google, the 8th this year - 25 November 2022
- RESEARCH: analytics information related to iPhones include a Directory Services Identifier (DSID) that may be used to identify users - 24 November 2022