The attack, clocked at 2.4 Tbps, targeted one of Europe’s Azure customers
Microsoft has revealed that it countered a Distributed Denial-of-Service (DDoS) attack that clocked in at as much as 2.4 terabytes per second. Second (Tbps). The attack, which targeted an Azure customer in Europe, surpasses the previous record holder – a 2.3 Tbps attack that was reduced by Amazon Web Services (AWS) last year. It also dwarfs the previously largest DDoS attack (1 Tbps) on Azure from 2020.
According to Microsoft, the latest attack comes from about 70,000 sources and from several countries in the Asia-Pacific region, including Malaysia, Vietnam, Taiwan, Japan and China, as well as from the United States.
The attack vector was a UDP reflection that stretched over more than 10 minutes with very short bursts, each rising in seconds to terabit volumes. In total, we monitored three main peaks, the first with 2.4 Tbps, the second with 0.55 Tbps and the third with 1.7 Tbps, ”said Azure Networking Senior Program Manager Amir Dahan in a blog post describing the incident.
“The speed of digital transformation has accelerated significantly during the COVID-19 pandemic alongside the adoption of cloud services. Bad actors are now more than ever constantly looking for ways to take applications offline, ”Dahan added.
Traditional DDoS attacks overwhelm a target with fake web traffic coming from a large number of devices that have been correlated to a botnet. The purpose of the attack is to take the victim’s servers offline and deny access to their services. If an attacker uses a reflection-enhancing attack, they can amplify the amount of malicious traffic while obscuring its sources.
Historically, DDoS attacks have been used as a smokescreen for other, even more harmful attacks, or as a means of demanding massive ransom charges from the targeted companies. While victims may lose millions of dollars in revenue from the reputational damage combined with the cost of downtime caused by these attacks, there is no guarantee that the attackers would stop their attacks even if the ransom is paid.