Microsoft earlier this week announced that its Azure DDoS Protection platform kept a record-breaking 3.47 Tbps Distributed Denial of Service (DDoS) attack at bay after it was launched against an Azure customer from Asia.
The team said it mitigated several DDoS attacks against customers in the past year, including three that exceeded 2.4 Terabits per second (Tbps). The biggest one, in November, was aimed at an Azure customer from Asia. It lasted 15 minutes and reached a peak throughput of 3.47 Tbps at a rate of 340 million packets per second (pps).
The attack originated from approximately 10,000 sources around the world, including across the US, Russia, South Korea, China, India, Thailand, Vietnam, Taiwan, Indonesia and Iran, according to an Azure blog post.
The company also said it mitigated two more DDoS incidents in December. Both aimed at targets in Asia and surpassed 2.5 Tbps. The first lasted for around 15 minutes, targeting ports 80 and 443. It had four peaks, and reached a throughput of 3.25 Tbps. The other only reached 2.55 Tbps, lasted 5 minutes, had a single peak, and targeted port 443.
“Microsoft mitigated an average of 1,955 attacks per day, a 40 percent increase from the first half of 2021,” said Alethea Toh, Azure Networking product manager. “The maximum number of attacks in a day recorded was 4,296 attacks on August 10, 2021. In total, we mitigated upwards of 359,713 unique attacks against our global infrastructure during the second half of 2021, a 43 percent increase from the first half of 2021.”
The company said the gaming industry took the hardest hit, followed closely by ISPs, financial institutions, VoIP service providers, retail and supply chain.
The October-to-December holiday season saw new TCP PUSH-ACK flood attack vectors, mainly in Hong Kong, Japan and South Korea. Researchers noticed attackers deploying a new TCP manipulation technique to dump huge payloads. However, the Azure DDoS Protection platform mitigated the attack automatically, without affecting the customers.