How Microsoft Was Able to Thwart the Largest DDoS Attack Ever
A massive 2.4 terabytes per second (Tbps) Distributed Denial-of-Service (DDoS) attack has been mitigated by Microsoft, the company says. The attack targeted an Azure customer in Europe and was 140% higher than the highest attack bandwidth volume Microsoft previously recorded in 2020.
This attack occurred in early August of this year and is currently believed to have been the largest DDoS attack ever, exceeding the peak traffic volume of 2.3Tbps during the previous largest attack – a DDoS blow aimed at fellow cloud computing provider Amazon Web Services last year.
According to a blog post from Microsoft, the attack lasted more than 10 minutes, with several short-lived bursts of traffic that peaked at 2.4Tbps, 0.55Tbps, and finally 1.7Tbps.
“The attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States,” writes Amir Dahan, senior program manager for Microsoft’s Azure Networking.
Microsoft says that Azure was able to stay online during the attack thanks to its massive-scale DDoS protection.
“Attacks of this size demonstrate the ability of bad actors to wreak havoc by flooding targets with gigantic traffic volumes trying to choke network capacity. However, Azure’s DDoS protection platform, built on distributed DDoS detection and mitigation pipelines, can absorb tens of terabits of DDoS attacks,” Dahan explains in the blog post.
DDoS attacks are most often used to force websites and services like online video games offline. Threat actors will flood web hosts with enormous amounts of traffic, amounts that they are unable to handle which leads to outages, usually through the usage of botnets – webs of interconnected, malware-infected devices controlled remotely by cybercriminals.
According to Microsoft, the prevalence of DDoS attacks against Azure is increasing – “We reported a 25 percent increase in the number of attacks compared to Q4 of 2020, albeit a decline in maximum attack throughput, from one terabyte per second (Tbps) in Q3 of 2020 to 625 Mbps in the first half of 2021,” Dahan says.
