Microsoft has revealed that last November, it mitigated a Distributed Denial of Service (DDoS (opens in new tab)) attack with a throughput of 3.47 Tbps, and a packet rate of 340 million packets per second (pps). That makes it, according to Microsoft, the largest DDoS attack reported - ever.
Roughly 10,000 endpoints (opens in new tab) participated in the attack, coming from various places in the world, from the United States, China, South Korea, Russia, to Thailand, India, Vietnam, Iran, Indonesia, and Taiwan. All of these are most likely consumer devices, such as laptops, routers, and smart gadgets, laden with malware (opens in new tab) and controlled from a remote server.
The attack, targeting an unnamed Microsoft Azure customer in Asia, used multiple vectors for the attack: UDP reflection on port 80 using Simple Service Discovery Protocol (SSDP), Connection-less Lightweight Directory Access Protocol (CLDAP), Domain Name System (DNS), and Network Time Protocol (NTP). All of these comprised a single peak, with the overall attack lasting approximately 15 minutes.
In addition to this newly-dubbed “largest-ever” attack, Microsoft mitigated two more large-scale DDoS attacks against Azure targets in October 2021, both with a throughput of 2.4 terabits per second.
Microsoft mitigated an average of 1,955 attacks per day, the report further said, representing a 40% increase from the first half of 2021.
August 10 was reportedly the busiest day of 2021 for criminals, with that day seeing 4,296 attacks recorded. In total, the company mitigated more than 350,000 unique attacks against its global infrastructure in H2 2021, 43% up from H1 2021.
> Microsoft Azure repels whopping 2.4 Tbps DDoS attack (opens in new tab)
> Kids won’t stop launching DDoS attacks against their schools (opens in new tab)
> DDoS attacks soared to new highs in 2021 (opens in new tab)
Microsoft also spotted that this year’s holiday season wasn’t as busy as last year’s. There were more attacks in Q3 than in Q4, with the majority happening in August. This may indicate a shift towards attackers being active all throughout the year, the report says.
“No longer is holiday season the proverbial DDoS season! This highlights the importance of DDoS protection all year round, and not just during peak traffic seasons,” the company concluded.
- These are the best firewalls (opens in new tab) right now