Microsoft recently disclosed some information about its strange encounter with the largest distributed denial of service (DDoS) attack in history. The said attack took place in November 2021.
According to the tech giant, it mitigated a colossal 3.47 terabits per second (Tbs) of DDoS disruption. It discovered that the hackers behind this assault had been exploiting Azure customers in Asia.
Microsoft Mitigated the Largest-Ever Reported DDoS Attack
Microsoft Azure DDoS Attack
Following the November incident, another investigation in December pointed out two more massive attacks which also had the same targets. The company said that it involved 2.55 Tbps UDP flood on port 443 and Tbps UDP on ports 80 and 443.
Per Azure Networking Product Manager Alethea Toh, the Redmond firm managed to fend off a large-scale attack with a packet rate of 340 million packets per second (pps) and 3.47 Tbps.
So far, it was deemed to be the biggest attack recorded in the history of DDoS, according to PCMag on Friday, Jan. 28.
Furthermore, the company also noted that nearly 10,000 sources were found to be linked to this wide-scale exploitation. It affected several countries such as Taiwan, India, Russia, China, South Korea, Thailand, Vietnam, Indonesia, Iran, and the United States.
To add, the UDP reflection on port 80 involved various attack vectors in the process. The report wrote that the malicious attempt lasted for 15 minutes.
Here are the pathways that the hackers used to penetrate the Azure customers.
-
Network Time Protocol (NTP)
-
Connection-less Lightweight Directory Access Protocol (CLDAP)
-
Simple Service Discovery Protocol (SSDP)
-
Domain Name System (DNS)
Related Article: Microsoft Releases Patches For Zero-Day Exploits, Remote Code Execution Vulnerabilities, and More
Yandex DDoS Attack
Before Microsoft encountered the Azure DDoS attack in 2021, a DDoS attack took down Yandex, the known internet company in Russia in the same year. Around August, the cybercriminals delivered 21.8 million requests per second (rrps).
Amazon Web Services Shield identified that the attack was carrying a load of 2.3 Tbps in the first quarter of 2020.
Similarly, Google prevented a 2.54 Tbps DDoS five years ago. This was confirmed by Damian Menscher, the Security Reliability Engineer in the company.
In 2016, Arbor Networks spotted that a cloud-service platform was hit by a 500Gbps DDoS, Tech Times reported. Other respondents answered that there were cases that involved 337Gbps, 425Gbps, and 450Gbps.
Gaming Industry Amid DDoS Attacks
According to Microsoft's Toh, the gaming industry has always been tied up with DDoS attacks, making it the "hardest hit industry." The focal point of attacks can be seen in India, South Korea, China, Japan, and Hong Kong.
She added that the continuous adoption of mobile gaming has driven the hackers to transition in this attack.
Earlier this year, a "Minecraft" DDoS attack closed the whole internet network in Andorra. Tech Times wrote that it originated during the SquidCraft Games contest. Players kept on disconnecting during the regulation and later got kicked out of the tournament.
The holiday season was not a free escape for Microsoft. Bleeping Computer reported that the tech titan was battling with the TCP PUSH-ACK flood attacks during that time.
Read Also: Kaspersky Says DDoS Attacks Have Decreased by 38.% in Q2 2020--How to Stay Protected
This article is owned by Tech Times
Written by Joseph Henry