AWS claims to have blocked the largest DDoS attack in history

Cloud giant reveals three days of malicious traffic hit a peak of 2.3 Tbits/sec

Amazon has revealed that its online cloud fended off what's considered to be one the largest distributed denial of service (DDoS) attacks in history.

The incident happened in February, hitting 2.3 Tbits/sec at its peak, according to a report from AWS Shield, smashing the previous peak record of 1.7 Tbits/sec.

The peak of the attack was 44% larger than anything the services had seen before and led to three-days of "elevated threat" status. Amazon Web Services provides the infrastructure for many websites, but the report doesn't identify which websites had been targeted by the attack.

"In Q1 2020, a known UDP reflection vector, CLDAP reflection, was observed with a previously unseen volume of 2.3 Tbps," the report stated. "This is approximately 44% larger than any network volumetric event previously detected on AWS."

"CLDAP reflection attacks of this magnitude caused 3 days of elevated threat during a single week in February 2020 before subsiding. Despite this observation, smaller network volumetric events are far more common. The 99th percentile event in Q1 2020 was 43 Gbps."

The attack in February was called a "reflection attack", which is thought to be an attempt to use a vulnerable third-party server to amplify the amount of data being sent to a victim's IP address. It relies on exploiting the Connectionless Lightweight Directory Access Protocol (CLDAP), which is often exposed due to configuration issues – though AWS doesn't suggest this to be the case for the February attack.

Downtime caused by DDoS accounts can have large financial implications. According to a 2019 report from Netscout, the size and scale of DDoS attacks in the UK could cost the country almost £1 billion per year. Part of the problem is that DDoS attacks are cheap and easy to deploy, according to Netscout.

In Q1 of 2020, there was a significant increase in both the quantity and Quality of DDoS attacks, according to Kaspersky. Not only have the number of attacks almost doubled, up by 80% against Q1 2019, these attacks have also become longer, the firm suggests.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021