Microsoft mitigated 'largest ever' 2.4Tbps DDoS attack

The record-breaking attack targeted one of the company's European Azure customers in August

Microsoft claims to have mitigated a record 2.4Tbps DDoS attack targeting one of its Azure customers in Europe during the last week of August.

The company said the attack was140% larger than than the highest attack bandwidth volume Microsoft recorded in 2020 and higher than any network volumetric event previously detected on Azure. It also surpasses the previous largest DDoS attack, which peaked at 2.3Tbps and was directed at Amazon Web Services (AWS) last year.

It said the attack traffic originated from around 70,000 sources and from multiple countries in the Asia-Pacific region, including Malaysia, Vietnam, Japan, and China, as well as the US. The attack spanned over 10 minutes with very short-lived bursts, each ramping up in seconds to terabit volumes.

The company monitored three main peaks, the first at 2.4Tbps, the second at 0.55Tbps, and the third at 1.7Tbps.

Microsoft’s attack mitigation lifecycle is orchestrated by its control plan logic that dynamically allocates mitigation resources to the most optimal locations, closest to the attack sources. This meant that the attack traffic, which originated in the Asia-Pacific region and the US, did not reach the customer region but was instead mitigated at the source countries.

“Azure’s DDoS mitigation employs fast detection and mitigation of large attacks by continuously monitoring our infrastructure at many points across the network,” said Amir Dahan, senior programme manager at Azure Networking.

“When deviations from baselines are extremely large, our DDoS control plane logic cuts through normal detection steps, needed for lower-volume floods, to immediately kick-in mitigation. This ensures the fastest time-to-mitigation and prevents collateral damage from such large attacks.”

Dahan added that the customer did not suffer any impact or downtime, but if they had been running their own data centre instead of using Azure, they would most probably have incurred extensive financial damage as well as other intangible costs.

In 2020, Google revealed its infrastructure absorbed a 2.5Tbps DDoS attack three years previous. The attack was the culmination of a six-month campaign launched by Chinese-backed hackers that used multiple methods of attack, which ultimately had no material impact.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Podcast transcript: Should the US cyber army be more aggressive?
cyber warfare

Podcast transcript: Should the US cyber army be more aggressive?

22 Oct 2021
The IT Pro Podcast: Should the US cyber army be more aggressive?
cyber warfare

The IT Pro Podcast: Should the US cyber army be more aggressive?

22 Oct 2021
NSW government to set up $4 million semiconductor bureau
Policy & legislation

NSW government to set up $4 million semiconductor bureau

20 Oct 2021
Microsoft launches AI startup acceleration programme in India
Careers & training

Microsoft launches AI startup acceleration programme in India

20 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021