Microsoft mitigated a record-breaking 2.4 Tbps (terabytes per second) distributed denial of service (DDoS) attack targeting a European Azure customer during the last week of August.
“This is 140% higher than the 1 Tbps attack of 2020 and higher than any network volumetric event previously detected on Azure,” said Amir Dahan, senior program manager for Azure Networking, also describing it as an attack User Datagram Protocol (UDP) reflection.
The massive DDoS attack was launched using around 70,000 bots, mostly in the Asia-Pacific region (e.g. Malaysia, Vietnam, Taiwan, Japan, and China) and from the United States .
Attackers struck Azure’s infrastructure in terse bursts over a period of 10 minutes, each of these bursts reaching terabit volumes.
Dahan added that three attack peaks stood out, the first reaching maximum throughput at 2.4 Tbps and the next reaching up to 0.55 Tbps and 1.7 Tbps.
The August DDoS attack came after Microsoft reported a 25% increase in attacks from Q4 2020, with peak volumetric throughput declining from 1 Tbps in Q3 2020 to 625 Mbps in Q1. semester 2021.
DDoS attacks are on the rise
Distributed Denial of Service (DDoS) attacks, which are increasing in complexity and volume, correspond to the increase in internet activity after the onset of the current COVID-19 pandemic.
In early August, Alethea Toh, program manager for Azure Networking, said Microsoft saw a sharp increase in daily DDoS attacks in the first six months of 2021, with an increase of 25% from the fourth quarter of 2020.
Meanwhile, the Azure DDoS Protection team mitigated over 251,944 unique attacks targeting Azure’s global infrastructure in the first half of 2021.
The largest attack bandwidth to hit Azure infrastructure in the first six months of 2021 was 625 Gbps, nearly half of a 1 Tbps DDoS attack mitigated in the third quarter 2020.
Despite this, the average attack targeting Azure until the end of June increased by 30%, from 250 Gbps to 325 Gbps.
Azure customers in the United States (59%), Europe (19%) and East Asia (6%) remain the most targeted regions, mainly due to the high concentration of gaming and retail industries. financial services in these regions.
Previous record-breaking and publicly reported DDoS attacks were a 2.3 Tbps volumetric strike detected by Amazon Web Services Shield in Q1 2020 and a 21.8 million requests per second (rrps) application layer attack that hit Russian Internet giant Yandex last month.