Microsoft Mitigated a Record 2.4 Tbps DDoS Attack from 70,000 Devices

Microsoft quickly mitigated a record-setting distributed denial-of-service (DDoS) attack that reached 2.4 Tbps and was launched from roughly 70,000 compromised devices.

The assault targeted an unnamed Azure customer and, at 2.4 Tbps, was about 140% larger than the 1 Tbps attack Microsoft mitigated in 2020.

This latest attempt also exceeded the 2.3 Tbps attack that Amazon Web Services blocked in February of last year, marking a new high in attack volume had it succeeded.

In its summary of DDoS activity from the prior year, Microsoft emphasized that most attacks occur as short, intense bursts of traffic rather than prolonged campaigns. The recent incident followed that pattern.

Amir Dahan, Senior Program Manager for Azure Networking, described the attack as a UDP reflection that persisted for about ten minutes. UDP reflection attacks exploit the connectionless nature of the User Datagram Protocol: requests carrying a spoofed source address (the target's) are sent to third-party servers, whose amplified replies are then delivered to the target until its servers or networks become overwhelmed.

Microsoft observed three distinct peaks during the incident: an initial peak at 2.4 Tbps, a second at 0.55 Tbps, and a third at 1.7 Tbps. The attack traffic originated from around 70,000 compromised devices distributed across the Asia-Pacific region—including Malaysia, Vietnam, Taiwan, Japan, and China—as well as from devices in the United States.
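From the defender's side, reflected traffic shows up as UDP replies from service ports that the protected host never queried, arriving in short bursts from many sources. The sketch below is an added example, not Microsoft's detection logic: it flags such unsolicited replies in flow records and groups them into distinct bursts with a peak rate. The port list, thresholds, record layout and sample flows are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumption: UDP services often abused as reflectors; the page names none.
REFLECTOR_PORTS = {53, 123, 1900, 11211}  # DNS, NTP, SSDP, memcached

def find_reflection_bursts(flows, protected, window=60,
                           min_bps=1_000_000, min_sources=3):
    """flows: (ts, src_ip, src_port, dst_ip, dst_port, nbytes) UDP records.
    Returns bursts of unsolicited service-port replies hitting `protected`."""
    asked = set()                               # servers the host really queried
    buckets = defaultdict(lambda: [0, set()])   # window start -> [bytes, sources]
    for ts, sip, sport, dip, dport, nbytes in sorted(flows):
        if sip == protected:
            asked.add((dip, dport))             # genuine outbound request
        elif (dip == protected and sport in REFLECTOR_PORTS
              and (sip, sport) not in asked):
            bucket = buckets[ts - ts % window]  # reply nobody asked for
            bucket[0] += nbytes
            bucket[1].add(sip)
    bursts = []
    for start in sorted(buckets):
        nbytes, sources = buckets[start]
        bps = nbytes * 8 / window
        if bps < min_bps or len(sources) < min_sources:
            continue
        if bursts and bursts[-1]["end"] == start:   # adjacent window: same burst
            last = bursts[-1]
            last["end"] = start + window
            last["peak_bps"] = max(last["peak_bps"], bps)
            last["sources"] |= sources
        else:
            bursts.append({"start": start, "end": start + window,
                           "peak_bps": bps, "sources": set(sources)})
    return bursts

# Constructed sample flows (documentation address ranges, not real traffic).
VICTIM = "203.0.113.10"
REFLECTORS = [f"192.0.2.{i}" for i in range(1, 5)]
SAMPLE_FLOWS = (
    [(0, VICTIM, 40000, "198.51.100.53", 53, 80),        # real DNS query
     (1, "198.51.100.53", 53, VICTIM, 40000, 200)]       # its solicited answer
    + [(70, ip, 123, VICTIM, 4444, 3_000_000) for ip in REFLECTORS]
    + [(130, ip, 123, VICTIM, 4444, 6_000_000) for ip in REFLECTORS]
    + [(310, ip, 1900, VICTIM, 4444, 2_000_000) for ip in REFLECTORS]
)

if __name__ == "__main__":
    for b in find_reflection_bursts(SAMPLE_FLOWS, VICTIM):
        print(b["start"], b["end"], round(b["peak_bps"]), len(b["sources"]))
```

The request-tracking set never expires entries, so a production version would age out `asked` after a few seconds to avoid trusting a reflector that the host queried long ago.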
