Microsoft Azure repels whopping 2.4 Tbps DDoS attack

Microsoft Azure detected and blocked the attack traffic close to the originating countries itself

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsofthas shared that itscloud computingserviceAzuresuccessfully mitigated a Distributed Denial of Service (DDoS) attack that peaked at 2.4 Tbps.

The attack was directed towards an Azure customer in Europe and took place in the last week of August 2021.

“Attacks of this size demonstrate the ability of bad actors to wreak havoc by flooding targets with gigantic traffic volumes trying to choke network capacity. However, Azure’s DDoS protection platform, built on distributed DDoS detection and mitigation pipelines, can absorb tens of terabits of DDoS attacks,”wroteAmir Dahan Senior Program Manager, Azure Networking.

Incidentally earlier that same month, Microsoft had sharedAzure’s DDoS trendsfor the first half of 2021, which reported a 25% increase in attacks compared to Q4 of 2020, albeit a decline in maximum attack throughput, from 1 Tbps in Q3 of 2020 to 625 Mbps in the first half of 2021.

For comparison, Dahan says that the 2.4 Tbps attack in recently repealed, was a whopping 140 times higher than last year’s 1 Tbps attack, making it the highest network volumetric event ever detected on Azure.

Snip at the source

Dahan shares that the attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States.

The attack vector was a UDP reflection that spanned more than 10 minutes with very short-lived bursts, with three main peaks, the first at 2.4 Tbps, the second at 0.55 Tbps, and the third at 1.7 Tbps.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Talking about Azure’s mitigation mechanisms that helped repeal DDoS attacks, he says that it is Azure’s aggregated distributed mitigation capacity, which can scale massively, that helps it absorb such volumetric attacks.

“Attack mitigation lifecycle is orchestrated by our control plane logic that dynamically allocates mitigation resources to the most optimal locations, closest to the attack sources,” he shares.

In the 2.4 Tbps attack, this strategy ensured that the attack traffic never reached the customer region, and was instead mitigated within the source countries itself.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well