Microsoft says Azure fended off what might just be the world's biggest-ever DDoS attack

Much of the 2.4Tbit/sec came from across Asia and targeted a single Euro-customer

Microsoft claims its Azure cloud has fended off the largest DDOS attack it's detected, which clocked in at 2.4Tbit/sec.

The software giant has disclosed the attack, which Azure networking senior program manager Amir Dahan wrote was detected in late August.

"The attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States," Dahan wrote.

The attackers used UDP reflection, a technique that sees an attacker send packets-a-plenty to an intermediate server – the "reflector". That name is earned because the attacker's packets identify the target machine's IP address as the source of the traffic. The intermediate server therefore sends responses to the target machine. Those responses can be larger than the incoming messages from the attacker.

Dahan wrote that the attacker used "UDP reflection spanning more than ten minutes with very short-lived bursts, each ramping up in seconds to terabit volumes. In total, we monitored three main peaks, the first at 2.4Tbit/sec, the second at 0.55Tbit/sec, and the third at 1.7Tbit/sec."

Azure's mighty DDoS-reflection powers saw off the attack, so whoever was behind it didn't deny service for the "Azure customer in Europe" that Microsoft says was the target of the attack. Sadly, Microsoft hasn't named the region targeted, so we're none the wiser about which Azure infrastructure has proven its resilience – should that be something you value.

Microsoft's post does, however, claim the attack is the largest it has seen. It may also be the largest anywhere.

In May 2020 AWS claimed it fended off a 2.3Tbit/sec attack, although Akamai claimed the attack it fended off in June of the same year involved more packets – 809 million per second of the blighters at the peak of the attack.

Cloudflare has staked its own claim to the crown, after recording 17.2 million requests per second in an August 2021 attack.

Microsoft hasn't shared any insights into the source of the attack, nor the attackers' motivations other than disrupting service. ®

Send us news

Google submits complaints about Microsoft licensing to UK competition regulator

Now Microsoft has regulator breathing down its neck in three regions

OpenAI meltdown: How could Microsoft have let this happen after betting so many billions?

A quick summary of the past three days of chaos. And Redmond has questions to answer

Experienced Copilot help is hard to find, warns Microsoft MVP

Almost nobody has used it, or knows it well, so beware of consultants bearing cred

Microsoft, Databricks double act tries to sew up the data platform market

But the one-stop shop vision fails to take it far beyond the competition

Microsoft adds FPGA-powered network accelerator to Azure

'Azure Boost' vastly speeds cloudy server IOPS and is coming to all new instance types

You get a Copilot, and <em>you</em> get a Copilot – Microsoft now the Copilot company

Bing Chat is now known as – you can guess. Plus more AI bits and pieces coming to Teams, Office, etc

Tiny11 shrinks Windows 11 23H2 down to pocket size

An option when sun sets on Windows 10, but Microsoft might have a problem

Windows users can soon ditch Bing, Edge, other bundleware – but only in the EU

On the other hand, Europeans have to wait for Copilot

Microsoft's bug bounty turns 10. Are these kinds of rewards making code more secure?

Katie Moussouris, who pioneered Redmond's program, says folks are focusing on the wrong thing

HP printer software turns up uninvited on Windows systems

No escape from bloat, even without relevant hardware attached

Microsoft's Swiss army knife app hopes to cut through cloud clutter

A 'win' for Windows or just another pane in the glass?

Nostalgia for XP sells out Microsoft's 2023 'Windows Ugly Sweater'

Bliss not your thing? You could win the Paint version