Microsoft has announced that it has stopped a 2.4 Tbps DDoS attack with maximum traffic targeting customers of Azure, a cloud computing service. The size of this attack is twice as large as the largest DDoS attack on Azure in 2020, and Microsoft is appealing its Azure attack mitigation capabilities.
A DDoS attack is an attack that sends a large number of requests that exceed the processing capacity of the target server and causes the server to malfunction. The large-scale DDoS attack announced by Microsoft this time targeted European customers in August 2021.
The DDoS attack on European customers continued for more than 10 minutes, and the traffic had three peaks: 2.4 Tbps, 0.55 Tbps, and 1.7 Tbps. Although this traffic was sent from more than 700,000 sources such as Malaysia, Vietnam, Taiwan, Japan and China, as well as over 700,000 sources such as the United States, it does not harm customers because it is blocked by region before reaching Europe by the attack mitigation function provided in Azure. that it didn’t
Microsoft said that the Azure DDoS protection platform can absorb tens of terabit DDoS attacks, and that if it had built its own data center without using Azure, it could have suffered extensive economic losses, appealing its Azure attack mitigation capabilities.
This attack’s maximum traffic of 2.4 Tbps significantly exceeds the maximum traffic of 1 Tbps for DDoS attacks detected by Azure in 2020. According to Microsoft, the average number of attacks per day against Azure in the first half of 2021 is 25% higher than the average number of attacks per day in the fourth quarter of 2020. Microsoft emphasized that, more than ever, malicious users are constantly looking for ways to take applications offline, so organizations driving digital transformation should pay utmost attention to developing a robust DDoS response strategy using Azure.
The Tbps-level DDoS attack was a 2.5Tbps DDoS attack on Google in 2017 and a 2.3Tbps DDoS attack on Amazon in 2020. Related information can be found here.