Microsoft has confirmed to mitigate a massive DDoS attack originated from a botnet comprising 70,000 compromised IoT devices.
Microsoft reported that an unnamed customer of its Azure cloud platform was targeted with a 2.4 Tbps DDoS attack in the last week of August, which the company mitigated.
This DDoS attack was around 140% higher than the attack recorded in 2020 as it surpassed the 2.3 Tbps attack detected and stopped by Amazon Web Services (AWS) back in Feb 2020.
About Reflection Amplification Attack
The senior program manager for Azure Networking, Amir Dahan, called its UDP reflection for around ten minutes. “This is 140 percent higher than 2020’s 1 Tbps attack and higher than any network volumetric event previously detected on Azure,” Dahan noted.
SEE: Yandex hit by largest DDoS attack involving 200,000 hacked devices
Reflected Amplification attacks are also a type of denial of service (DoS) attacks. An attacker exploits the connectionless property of UDP protocol with fake requests to overwhelm a targeted network/server with a flood of pockets. This disrupts the network’s activities or renders the server unavailable.
Attack’s Origin and Details
The recent DDoS attack against an Azure customer originated from a botnet comprising at least 70,000 compromised devices. The infected devices were located around the Asia-Pacific region, including:
- The United States.
According to Microsoft, three brief bursts were observed, each ramping up to terabit volumes within mere seconds. The first was recorded at 2.4Tbps, the second at 0.55Tbps, and the third reached 1.7Tbps.
“Attacks of this size demonstrate the ability of bad actors to wreak havoc by flooding targets with gigantic traffic volumes trying to choke network capacity,” Dahan wrote in the blog post.
Given Azure’s “global absorption scale and advanced mitigation logic,” the targeted entity didn’t suffer any downtime or impact from the DDoS attack.
“Bad actors, now more than ever, continuously look for ways to take applications offline. Therefore, organizations should give their utmost attention to developing a robust DDoS response strategy,” Dahan suggested.