Microsoft Azure Successfully Defends Major DDoS Attack

At 2.4 terabits per second (Tbps), the Distributed Denial of Service (DDoS) attack that Microsoft successfully defended European Azure cloud users against could be the largest to date.

It is already the largest DDoS attack on an Azure cloud customer, bigger than the previous high, the Azure 1 Tbps attack in 2020, and Microsoft said it was “higher than any network volumetric event previously detected on Azure.”

The attack came from more than 70,000 sources in several Asia-Pacific countries, including Malaysia, Vietnam, Taiwan, Japan and China, as well as the U.S.

The attack vector was User Datagram Protocol (UDP) reflection. The attack lasted over 10 minutes and arrived in very short-lived bursts, each of which ramped up to terabit volume in seconds. Microsoft reported three major spikes, the first at 2.4 Tbps, the second at 0.55 Tbps and the third at 1.7 Tbps.

In a UDP reflection attack, the attacker takes advantage of the fact that UDP is a stateless protocol: the attacker can create a valid UDP request packet that lists the IP address of the target as the UDP source IP address.

The name comes from the way the traffic is reflected: the attacker sends the UDP packet, which contains the spoofed source IP, to a middleman server, and that server sends its response to the spoofed address, which is the target.

The middleman machine helps amplify the attack by generating network traffic many times larger than the request packet, which increases the attack traffic.

The actual gain depends on which protocol is abused in the attack. The worst of these is memcached, an open-source, high-performance, distributed object caching system often used by social networks such as Facebook and LiveJournal, its creator, to store tiny bits of arbitrary data.

When it is abused, Cloudflare, the web performance and security company, has found that a 15-byte request can lead to 750KB of attack traffic, a 51,200x gain.

Attacks that exploit DNS, such as this attack, can return 28 to 54 times as many bytes as the original request.
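From the defender's side, reflected traffic shows up as UDP responses that no local host asked for. The following is an added example, not code from the article or from Microsoft: it scans time-ordered flow records for unsolicited replies from the standard DNS and memcached ports. The record layout, the sample flows and the `min_sources` threshold are assumptions made for illustration.

```python
from collections import defaultdict

# Standard UDP service ports for the two protocols the article names.
REFLECTOR_PORTS = {53: "dns", 11211: "memcached"}

# Constructed sample flows: (src_ip, src_port, dst_ip, dst_port, bytes),
# assumed to be in time order. All addresses are documentation/private ranges.
FLOWS = [
    ("10.0.0.5", 40000, "192.0.2.53", 53, 60),       # local host queries a resolver
    ("192.0.2.53", 53, "10.0.0.5", 40000, 300),      # solicited reply, ignored
    ("198.51.100.1", 53, "10.0.0.5", 1234, 3000),    # replies nobody requested
    ("198.51.100.2", 53, "10.0.0.5", 1234, 3000),
    ("198.51.100.3", 53, "10.0.0.5", 1234, 3000),
    ("203.0.113.9", 11211, "10.0.0.5", 5555, 1400),  # single source, below threshold
]


def find_reflection(flows, min_sources=3):
    """Return {(victim_ip, protocol): (distinct_sources, total_bytes)}.

    A flow counts as reflected when it comes from a reflector port and no
    earlier request from the receiving host to that server was seen.
    """
    requested = set()  # (client_ip, client_port, server_ip, server_port)
    stats = defaultdict(lambda: {"sources": set(), "bytes": 0})
    for src, sport, dst, dport, size in flows:
        if dport in REFLECTOR_PORTS:
            # Outbound request: remember it so its reply is not flagged.
            requested.add((src, sport, dst, dport))
        elif sport in REFLECTOR_PORTS and (dst, dport, src, sport) not in requested:
            entry = stats[(dst, REFLECTOR_PORTS[sport])]
            entry["sources"].add(src)
            entry["bytes"] += size
    return {
        key: (len(entry["sources"]), entry["bytes"])
        for key, entry in stats.items()
        if len(entry["sources"]) >= min_sources
    }


if __name__ == "__main__":
    for (victim, proto), (sources, total) in find_reflection(FLOWS).items():
        print(f"{victim}: unsolicited {proto} replies from {sources} sources, {total} bytes")
```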

Some DDoS protection is provided for all Azure users. Microsoft recommends subscribing to the Azure DDoS Protection Standard for more comprehensive protection, as it also provides cost protection.

For more information, read the original story in ZDNet.
