Mar 10 2023

Akamai mitigated a record-breaking DDoS attack that peaked 900Gbps

Category: DDoSDISC @ 10:42 am

Akamai reported that on February 23, 2023, at 10:22 UTC, it mitigated the largest DDoS attack ever. The attack traffic peaked at 900.1 gigabits per second and 158.2 million packets per second. The record-breaking DDoS was launched against a Prolexic customer in Asia-Pacific (APAC).

ā€œOn February 23, 2023, at 10:22 UTC, Akamai mitigated the largestĀ DDoS attackĀ ever launched against a Prolexic customer based in Asia-Pacific (APAC), with attack traffic peaking at 900.1Ā gigabits per second and 158.2 million packets per second.ā€ reads theĀ postĀ published by Akamai.

DDoS

The company pointed out that the attack was intense and short-lived, with most attack traffic bursting during the peak minute of the attack. The overall attack lasted only a few minutes.

Akamai mitigated the attack by redirecting the malicious traffic through its scrubbing network.

Most of the malicious traffic (48%) was managed by scrubbing centers in the APAC region, but the company claims that all its 26 centers were loaded, with only one center in HKG handling 14,6% of the total traffic.

Akamai states that there was no collateral damage thanks to its defense.

TheĀ previous record-breaking distributed denial of service attackĀ mitigated by Akamai hit a company customer in Europe on September 2022. At the time, the malicious traffic peaked at 704.8 Mpps and appeared to originate from the same threat actor behind another record-breaking attack that AkamaiĀ blockedĀ in July and that hit the same customer.

In January, MicrosoftĀ announcedĀ that its Azure DDoS protection platform has mitigated a recordĀ 3.47 TbpsĀ attack that targeted one of its customers with a packet rate of 340 million packets per second (pps).

The attack took place in November and hit a customer in Asia, it originated from approximately 10,000 sources and from multiple countries across the globe, including the United States, China, South Korea, Russia, Thailand, India, Vietnam, Iran, Indonesia, and Taiwan.

The 3.47 Tbps attack was the largest one Microsoft has mitigated to date, likely the massive one ever recorded.

Previous posts on DDoS

Distributed Denial of Service Attacks: Real-world Detection and Mitigation


InfoSec Threats
Ā |Ā InfoSec booksĀ |Ā InfoSec toolsĀ |Ā InfoSec services

Tags: ddos, Distributed Denial of Service Attacks


Sep 16 2022

Akamai Mitigated Record-Breaking DDoS Attack Against European Customer

Category: DDoSDISC @ 10:36 am

On Monday, 12th September 2022, cybersecurity firm Akamai mitigated a distributed denial of service attack (DDoS Attack), which has been declared a record-breaking attack in terms of packets-per-second compared to the attack Akamai recorded in July.

For your information, cybercriminals bombard servers with fake requests and traffic to prevent legit visitors from accessing their services in a DDoS attack.

The primary targets of the attack Akamai recorded recently were European companies. It peaked at 704.8 million packets per second, marking the second attack on such a massive scale against the same customer within a short span of three months.

According to Akamaiā€™s Craig Sparling, prior to June 2022, this customer only saw attack traffic against its primary data center. However, unexpectedly, the attack campaign expanded, hitting six different global locations, from Europe to North America.

Akamai Prolexicā€™s DDoS specialization culture, focus on customer infrastructure designs, and history are rooted in defending the most complex, multifaceted attacks, and our platform is equipped with purpose-built tooling for rapid threat mitigation, even in the ā€˜fog of war.

Sean Lyons, Senior Vice President and General Manager of Infrastructure Security

The attack was thwarted on the same day it was identified. Though not the largest DDoS attack ever, this one raised eyebrows because it was the largest attack against European organizations. The attackers used UDP as their DDoS vector and ICMP, SYN, RESET floods, TCP anomaly, PUSH flood, etc.

Attackers managed to target more than 1,800 IP addresses of a single organization, and the attack was dispersed at six different locations. Akamai noted that this attack originated from the same threat actor that targeted it previously, while the target is also the same unnamed customer based in Eastern Europe.

Previously, the attacker targeted the companyā€™s primary data; this time, they could target 6 data center locations in North America and Europe.

Akamai Mitigated a Massive DDoS Attack Against its European Customer

As shown above, Akamai recorded a humongous 659.6 MPPS DDoS attack back in July. The latest attack was 7% higher than the one in July. The company received 74 DDoS attacks before July, and around 200 attacks afterward. The company stated that this campaign indicates attackers continuously improve their attack techniques to evade detection.

Akamai Mitigated a Massive DDoS Attack Against its European Customer

Distributed Denial of Service Attacks: Real-world Detection and Mitigation

Tags: DDoS Attack, Distributed Denial of Service Attacks