Eastern European org hit by second record-smashing DDoS attack

Cough, cough, U, cough, kraine

Akamai says it has absorbed the largest-ever publicly known distributed denial of service (DDoS) attack – an assault against an unfortunate Eastern European organization that went beyond 700 million packets per second.

This latest tsunami of traffic hit on Monday, according to the web infrastructure biz, and we're told the cybercriminals responsible for the earlier record-setting DDoS flood in July were behind this latest one, too. In fact, they targeted the same customer, which Akamai didn't name, the second time around.

For comparison, the July attack peaked at 659.6 Mpps with the organization coming under attack 75 times at its primary data center. This week's peaked at 704.8 Mpps, Akamai said, and hit six global locations 201 times. The packets were primarily UDP in both incidents, and while the July attack targeted 512 IP addresses, the September attack went after 1,813 in total, it's said.

"The attackers' command-and-control system had no delay in activating the multi-destination attack, which escalated in 60 seconds," wrote Akamai's Craig Sparling.

An Akamai spokesperson told The Register they couldn't provide any more detail about the Eastern European customer due to safety concerns.

The biz also declined to comment on the botnet and/or cybercriminals behind the attack, but an "additional information" section at the bottom of the blog directs readers to two CISA alerts. One discusses how to mitigate Russian state-sponsored threats to critical infrastructure and the second is a more general overview of Russia's nefarious online activities.

As Russia's illegal invasion of Ukraine continues, it is clear Russian teams do enjoy a DDoS attack against their enemy governments and corporations.

Akamai credited its Prolexic platform, which includes 20 high-capacity traffic scrubbing centers around the world, with thwarting the DDoS floods, and claimed its Hong Kong, London, and Tokyo locations shut down the bulk of the bot-driven traffic in both instances.

An old problem with potential to go nuclear

The Register's readers are to be forgiven if this week's DDoS attack induces a sense of déjà vu as these record-busting security events are happening with increasing frequency.

Security firm Radware documented a 203 percent increase [PDF] in the number of DDoS attacks mitigated per customer during the first six months of 2022, compared to the first six months of last year, and a 239 percent jump compared to the last six months of 2021.

Also last month, Google said it blocked the largest ever HTTPS-based DDoS attack in June, which peaked at 46 million requests per second.

This, the cloud giant noted, was about 76 percent larger than the previous record DDoS attack that Cloudflare thwarted earlier that same month. Plus, it followed yet another (at the time) record network-flooding event that Cloudflare stomped in April.

That the same organization is being targeted yet again with a record-breaking attack indicates a DDoS arms race is developing between the attacker and victim, just as physical conflict ratchets up. The one-upmanship between the anti-DDos defenders continues as well. ®

Similar topics


Other stories you might like

Biting the hand that feeds IT © 1998–2022