Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Akamai Mitigates Record 809 MPPS DDoS Attack

Akamai on Thursday revealed that it mitigated a second record-setting distributed denial-of-service (DDoS) attack since the beginning of June, one that peaked at 809 MPPS (million packets per second).

Akamai on Thursday revealed that it mitigated a second record-setting distributed denial-of-service (DDoS) attack since the beginning of June, one that peaked at 809 MPPS (million packets per second).

Earlier this month, the company shared details on the mitigation of a 1.44 TBPS (terabits per second) DDoS assault that reached 385 MPPS at its peak, but the more recent incident, which happened on June 21, was more than double the size in terms of PPS.

The attack, which lasted just over 10 minutes, reached 418 GBPS within seconds, and 809 MPPS in two minutes. The attack vector was UDP on port 80.

Unlike large BPS assaults, which mostly target capability, PPS-focused attacks mainly aim to exhaust network gear and/or applications within the data center or cloud environment.

Designed to overwhelm DDoS mitigation systems through a high PPS load, the attack involved the use of packets carrying 1 byte payloads (for a total packet size of 29 with IPv4 headers), Akamai says.

Another unique characteristic of the attack was the use of a large number of source IP addresses. The assault was highly distributed in nature, with the number of source IPs increasing during the attack to over 600 times the number of source IPs per minute normally observed for the targeted customer, a European bank.

Akamai, which tracks hundreds of thousands of source IPs abused for DDoS, says that the vast majority of the IPs used in the attack were not observed in previous 2020 incidents, suggesting that an emerging DDoS-capable botnet was behind the operation.

“It was highly unusual that 96.2% of source IPs were observed for the first time (or at a minimum, were not being tracked as being part of attacks in recent history). […] In this case, most of the source IPs could be identified within large internet service providers via autonomous system (AS) lookups, which is indicative of compromised end-user machines,” the company explains.

Advertisement. Scroll to continue reading.

“Looking holistically at DDoS activity since the onset of 2020, it is clear that large, sophisticated DDoS attacks are still a significant attack vector,” Akamai says.

Earlier this month, Amazon revealed that it had mitigated a massive 2.3 TBPS DDoS in February. That attack, the company said, peaked at 293 MPPS.

Related: Akamai, Amazon Mitigate Massive DDoS Attacks

Related: T-Mobile Outage Mistaken for Massive DDoS Attack on U.S.

Related: NXNSAttack: New DNS Vulnerability Allows Big DDoS Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.