microsoft largest ddos attack
A hacker tried to take down a Microsoft customer’s internet services with the second-largest DDoS attack on record this past August.
On Monday, the company reported it encountered the 2.4Tbps attack targeting a Microsoft Azure customer based in Europe. The current record holder is a 2.5 Tbps assault Google fended off back in 2017.
A DDoS attack essentially tries to down a website or internet service by bombarding the system with a flood of data traffic. To do so, the hacker can sometimes harness botnets, or armies of malware-infected computers, to generate the traffic.
In this case, the attack originated from “70,000 sources” based in countries across Asia and the US, Microsoft says. Whether the hacker used a botnet was left unsaid. But the UDP protocol was exploited in what’s known as a “reflection attack” to amplify the data traffic to 2.4Tbps.
According to Microsoft, the attack lasted for only 10 minutes and occurred in waves.
“In total, we monitored three main peaks, the first at 2.4 Tbps, the second at 0.55 Tbps, and the third at 1.7 Tbps,”
Microsoft
The attack would’ve been enough to disrupt a company running their own data center. However, Microsoft says it successfully mitigated the attack, thanks to Azure’s DDoS protection service, which is capable of absorbing “tens of terabits of DDoS attacks.”
“This aggregated distributed mitigation capacity can massively scale to absorb the highest volume of DDoS threats, providing our customers the protection they need,”
The incidents show that the biggest internet providers can fend off even the mightiest DDoS attacks. Hence, the companies have been using their DDoS protection capabilities to also market their cloud internet services.
microsoft largest ddos attack