Security

Microsoft says Azure fended off what might just be the world's biggest-ever DDoS attack

Much of the 2.4Tbit/sec came from across Asia and targeted a single Euro-customer


Microsoft claims its Azure cloud has fended off the largest DDOS attack it's detected, which clocked in at 2.4Tbit/sec.

The software giant has disclosed the attack, which Azure networking senior program manager Amir Dahan wrote was detected in late August.

"The attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States," Dahan wrote.

The attackers used UDP reflection, a technique that sees an attacker send packets-a-plenty to an intermediate server – the "reflector". That name is earned because the attacker's packets identify the target machine's IP address as the source of the traffic. The intermediate server therefore sends responses to the target machine. Those responses can be larger than the incoming messages from the attacker.

Dahan wrote that the attacker used "UDP reflection spanning more than ten minutes with very short-lived bursts, each ramping up in seconds to terabit volumes. In total, we monitored three main peaks, the first at 2.4Tbit/sec, the second at 0.55Tbit/sec, and the third at 1.7Tbit/sec."

Azure's mighty DDoS-reflection powers saw off the attack, so whoever was behind it didn't deny service for the "Azure customer in Europe" that Microsoft says was the target of the attack. Sadly, Microsoft hasn't named the region targeted, so we're none the wiser about which Azure infrastructure has proven its resilience – should that be something you value.

Microsoft's post does, however, claim the attack is the largest it has seen. It may also be the largest anywhere.

In May 2020 AWS claimed it fended off a 2.3Tbit/sec attack, although Akamai claimed the attack it fended off in June of the same year involved more packets – 809 million per second of the blighters at the peak of the attack.

Cloudflare has staked its own claim to the crown, after recording 17.2 million requests per second in an August 2021 attack.

Microsoft hasn't shared any insights into the source of the attack, nor the attackers' motivations other than disrupting service. ®

Send us news
29 Comments

Microsoft China turns 30, gives nation the gift of jobs and export promotion

Including assistance for the kind of companies the US is keen to contain

Microsoft highlights 'productivity paranoia' in remote work research

You know you're working, your colleagues know you're working, but the boss? Survey says: Paranoid

Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws

While issuing an emergency patch for Endpoint Configuration Manager

Microsoft debuts Windows 11 2022 Update – now with features added monthly

Oh. Joy.

Eastern European org hit by second record-smashing DDoS attack

Cough, cough, U, cough, kraine

Mozilla drags Microsoft, Google, Apple for obliterating any form of browser choice

If you've got no OS of your own, you've got little chance to compete, Firefox maker sighs

Excel's comedy of errors needs a new script, not new scripting

Microsoft reanimates the wrong corpse

Remember when Microsoft was going to put Azure in space? It's still trying

'Cloud connectivity' hits different this time

Microsoft low code branches into lightweight GUI widgets

Building features into Teams, Outlook without JSON coding possible with new Cards play

Microsoft fixes Windows security hole likely widely exploited by miscreants

Plus: Nasty no-auth RCE in TCP/IP stack, Adobe flaws, and many more updates

In Rust We Trust: Microsoft Azure CTO shuns C and C++

Mark Russinovich goes hardcore against old languages

Admins run into Group Policy problems after Win10 update

Scratch Patch ... it's Rip Tuesday: Users complain that Microsoft’s KB5017308 breaks desktop shortcuts