New DDoS peak: Microsoft fends off 15.7 TBit/s attack

Microsoft has registered a DDoS attack with a peak load of 15.7 TBit/s. The peak value has more than doubled since June.


On October 24th of this year, Microsoft observed a large-scale, multi-vector DDoS attack in its Azure cloud that peaked at 15.72 TBit per second. The load reached 3.64 billion packets per second, making it the largest DDoS attack observed to date, Microsoft writes in a blog post.

The company explains that the attack originated from the Aisuru botnet – which attacked the blog of IT security journalist Brian Krebs in May. It is a Mirai-like botnet “with turbo” that repeatedly carries out record-breaking DDoS attacks. The criminals behind it misused compromised home routers and cameras, most of which sit in the networks of residential internet providers in the USA and other countries.

In a DDoS attack, malicious actors flood servers or systems with so many requests that they can no longer respond to regular requests, for example, from real people. DDoS attacks thus effectively take them offline.

The attack included, among other things, UDP floods with extremely high rates directed at a specific public IP address – a single endpoint in Australia. They originated from more than half a million source IP addresses from various regions. The UDP “bursts” showed only a small amount of source spoofing and used random source ports, which facilitated tracing. “Attackers scale with the internet itself,” writes Microsoft, “with increasing speeds of fiber optic connections and increasingly powerful IoT hardware, the baseline for attack sizes also climbs.”

Microsoft explains that Azure's DDoS protection automatically detected and repelled the attack. “Malicious traffic was effectively filtered and rerouted, leading to uninterrupted service availability for customer workloads,” writes the author of the blog post.

In June, Cloudflare observed a peak load of 7.3 TBit/s during a DDoS attack. This means the peak value has more than doubled in less than half a year.

At the beginning of September, Cloudflare most recently reported a DDoS attack with a peak of 11.5 TBit per second. For this, the attackers even sent 5.1 billion packets per second – significantly more than the attackers now sent to the endpoint protected by Microsoft's Azure.

(dmk)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.