Microsoft says it was able to mitigate a 2.4 terabytes per second (Tbps) Distributed Denial-of-Service (DDoS) attack in August. The attack targeted an Azure customer in Europe, and was 140 percent higher than the highest attack bandwidth volume Microsoft recorded in 2020. It also exceeds the peak traffic volume of 2.3Tbps, the previous largest attack, which was directed at Amazon Web Services last year.
Microsoft says the attack lasted more than 10 minutes, with short-lived bursts of traffic that peaked at 2.4Tbps, 0.55Tbps, and finally 1.7Tbps. DDoS attacks are typically used to force websites or services offline, thanks to a flood of traffic that a web host can’t handle. They’re usually performed through a botnet, a network of machines that have been compromised using malware or malicious software to control them remotely. Azure was able to stay online throughout the attack, thanks to its ability to absorb tens of terabits of DDoS attacks.
“The attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States,” explains Amir Dahan, a senior program manager for Microsoft’s Azure networking team.
While the number of DDoS attacks have increased in 2021 on Azure, the maximum attack throughput had declined to 625Mbps before this 2.4Tbps attack in the last week of August. Microsoft doesn’t name the Azure customer in Europe that was targeted, but such attacks can also be used as cover for secondary attacks that attempt to spread malware and infiltrate company systems.
Amazon Web Services (AWS) previously held the record for the largest mitigated DDoS attack, a 2.3Tbps attempt that leapfrogged the previous 1.7Tbps record held by NetScout Arbor in March 2018.