Microsoft says Azure fended off what might just be the world's biggest-ever DDoS attack

Much of the 2.4Tbit/sec came from across Asia and targeted a single Euro-customer


Microsoft claims its Azure cloud has fended off the largest DDoS attack it's detected, which clocked in at 2.4Tbit/sec.

The software giant has disclosed the attack, which Azure networking senior program manager Amir Dahan wrote was detected in late August.

"The attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States," Dahan wrote.

The attackers used UDP reflection, a technique that sees an attacker send packets-a-plenty to an intermediate server – the "reflector". That name is earned because the attacker's packets carry a forged source address: the target machine's IP address. The intermediate server therefore sends its responses to the target machine rather than to the attacker. Those responses can be larger than the incoming messages from the attacker.
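One way a defender can spot the reflected traffic described above in flow logs, as an added example that is not from Microsoft's post or this article: UDP arriving from a reflector service port that the protected host never queried. The port list, the flow-record layout and every address below are constructed assumptions; the post does not name the protocol that was abused.

```python
from collections import defaultdict

# Ports of UDP services commonly abused as reflectors. This is general
# knowledge, not a detail from Microsoft's post.
REFLECTOR_PORTS = {53: "DNS", 123: "NTP", 389: "CLDAP", 1900: "SSDP", 11211: "memcached"}

# Constructed UDP flow records: (epoch_second, src_ip, src_port, dst_ip, dst_port, bytes)
FLOWS = [
    (100, "203.0.113.10", 40000, "198.51.100.53", 53, 60),   # protected host's own DNS query
    (100, "198.51.100.53", 53, "203.0.113.10", 40000, 120),  # solicited reply to that query
    (101, "192.0.2.1", 123, "203.0.113.10", 7777, 4680),     # NTP "reply" nobody asked for
    (101, "192.0.2.2", 123, "203.0.113.10", 7777, 4680),     # same, from another reflector
    (101, "192.0.2.3", 53, "203.0.113.10", 7777, 3000),      # DNS "reply" nobody asked for
    (102, "192.0.2.4", 50000, "203.0.113.10", 443, 1200),    # ordinary client traffic
]

def find_reflected(flows, protected_ip):
    """Return inbound flows from a reflector service port that do not answer
    an earlier (or same-second) request sent by the protected host."""
    first_query = {}  # (remote_ip, remote_port, local_port) -> earliest request time
    for ts, src, sport, dst, dport, _size in flows:
        if src == protected_ip:
            key = (dst, dport, sport)
            first_query[key] = min(ts, first_query.get(key, ts))
    suspicious = []
    for ts, src, sport, dst, dport, size in flows:
        if dst == protected_ip and sport in REFLECTOR_PORTS:
            if first_query.get((src, sport, dport), ts + 1) > ts:
                suspicious.append((ts, src, REFLECTOR_PORTS[sport], size))
    return suspicious

def summarize(suspicious):
    """Per second: (bits received, number of distinct reflectors)."""
    bits = defaultdict(int)
    sources = defaultdict(set)
    for ts, src, _service, size in suspicious:
        bits[ts] += size * 8
        sources[ts].add(src)
    return {ts: (bits[ts], len(sources[ts])) for ts in bits}

if __name__ == "__main__":
    print(summarize(find_reflected(FLOWS, "203.0.113.10")))
```

Tracking bits and distinct sources per second matters because the reflectors' addresses are genuine, so blocking by source IP alone does not identify the attacker.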

Dahan wrote that the attacker used "UDP reflection spanning more than ten minutes with very short-lived bursts, each ramping up in seconds to terabit volumes. In total, we monitored three main peaks, the first at 2.4Tbit/sec, the second at 0.55Tbit/sec, and the third at 1.7Tbit/sec."

Azure's mighty DDoS-reflection powers saw off the attack, so whoever was behind it didn't deny service for the "Azure customer in Europe" that Microsoft says was the target of the attack. Sadly, Microsoft hasn't named the region targeted, so we're none the wiser about which Azure infrastructure has proven its resilience – should that be something you value.

Microsoft's post does, however, claim the attack is the largest it has seen. It may also be the largest anywhere.

In May 2020 AWS claimed it fended off a 2.3Tbit/sec attack, although Akamai claimed the attack it fended off in June of the same year involved more packets – 809 million per second of the blighters at the peak of the attack.

Cloudflare has staked its own claim to the crown, after recording 17.2 million requests per second in an August 2021 attack.

Microsoft hasn't shared any insights into the source of the attack, nor the attackers' motivations other than disrupting service. ®
