A massive 2.4 Tbps DDoS attack has recently targeted an unnamed Microsoft Azure customer. However, the customer’s site was not affected by the attack as the cloud service fended off the onslaught.
Ubisoft, eBay, Samsung, and Boeing are among the many companies that use Azure, even the Taipei City Council utilizes it. As such, we’re glad the attacks were unsuccessful.
Users were inundated with UDP packets by means of a UDP flood, in which attackers overloaded networks with IP packets, forcing websites offline.
An Azure Networking senior program manager, Amir Dahan, detailed what happened during the end-of-August attack. Approximately 70,000 “sources” were involved in the attack, including Malaysia, Vietnam, Taiwan, Japan, and China. It was also mentioned that the U.S. had been involved, at least in some capacity.
In more than ten minutes, three short bursts of the DDoS attack were delivered. The first wave reached 2.4 Tbps, the second at 0.55 Tbps, and the third at 1.7 Tbps.
Through DDoS attacks, websites and services are bombarded with traffic at levels they cannot handle, ultimately forcing them offline. Networks comprising infected machines facilitate these attacks, making it possible for an attacker to remotely control them.
Despite the record-setting size of the attack, Microsoft confirmed that its mitigation system could handle all of the DDoS attacks with ease. Azure’s protection platform has the capacity to grapple with DDoS attacks in the tens of terabit range without affecting its customers.
Dhan stated that the largest DDoS attack before this announcement occurred last year in Q3 2020 with a 1 Tbps attack.
The number of DDoS attacks on Microsoft’s cloud platform Azure was 25 percent higher this year than they were in Q4 2020, but the attack speed did not exceed 625 Mbps in the first half of 2021.