Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Akamai Mitigates Record 809 MPPS DDoS Attack

Akamai on Thursday revealed that it mitigated a second record-setting distributed denial-of-service (DDoS) attack since the beginning of June, one that peaked at 809 MPPS (million packets per second).

Akamai on Thursday revealed that it mitigated a second record-setting distributed denial-of-service (DDoS) attack since the beginning of June, one that peaked at 809 MPPS (million packets per second).

Earlier this month, the company shared details on the mitigation of a 1.44 TBPS (terabits per second) DDoS assault that reached 385 MPPS at its peak, but the more recent incident, which happened on June 21, was more than double the size in terms of PPS.

The attack, which lasted just over 10 minutes, reached 418 GBPS within seconds, and 809 MPPS in two minutes. The attack vector was UDP on port 80.

Unlike large BPS assaults, which mostly target capability, PPS-focused attacks mainly aim to exhaust network gear and/or applications within the data center or cloud environment.

Designed to overwhelm DDoS mitigation systems through a high PPS load, the attack involved the use of packets carrying 1 byte payloads (for a total packet size of 29 with IPv4 headers), Akamai says.

Another unique characteristic of the attack was the use of a large number of source IP addresses. The assault was highly distributed in nature, with the number of source IPs increasing during the attack to over 600 times the number of source IPs per minute normally observed for the targeted customer, a European bank.

Akamai, which tracks hundreds of thousands of source IPs abused for DDoS, says that the vast majority of the IPs used in the attack were not observed in previous 2020 incidents, suggesting that an emerging DDoS-capable botnet was behind the operation.

“It was highly unusual that 96.2% of source IPs were observed for the first time (or at a minimum, were not being tracked as being part of attacks in recent history). […] In this case, most of the source IPs could be identified within large internet service providers via autonomous system (AS) lookups, which is indicative of compromised end-user machines,” the company explains.

“Looking holistically at DDoS activity since the onset of 2020, it is clear that large, sophisticated DDoS attacks are still a significant attack vector,” Akamai says.

Earlier this month, Amazon revealed that it had mitigated a massive 2.3 TBPS DDoS in February. That attack, the company said, peaked at 293 MPPS.

Related: Akamai, Amazon Mitigate Massive DDoS Attacks

Related: T-Mobile Outage Mistaken for Massive DDoS Attack on U.S.

Related: NXNSAttack: New DNS Vulnerability Allows Big DDoS Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...