Azure thwarted the biggest DDoS attack ever

Last August, Microsoft's Azure network managed to counter a DDoS attack with a traffic rate of 2.4 terabits per second. It was an offensive of colossal scope, and it represents the biggest cyber attack ever. As far as we know, the attack was aimed at a single Azure customer in Europe, although we do not know the identity of the victim.

First of all, let’s clarify: what is a DDoS attack? In short, it is a cyber attack that aims to flood a target, such as a website, with more requests than it can support, so that the target stops working properly. The purpose of the attack can be either to block a service or to “hold it hostage” until a ransom is paid.

These attacks are particularly difficult to manage because they come from multiple, geographically distant sources, which makes them harder to detect and combat.

Turning to the case at hand, the DDoS attack fought off by Azure at the end of August was carried out using a botnet of over 70,000 bots located mainly in the Asia-Pacific region, in countries such as Malaysia, Vietnam, Taiwan, Japan and China, with participants also present in the United States. As we pointed out at the beginning, the attack was directed against a single Azure customer in Europe that Microsoft did not want to name.

The botnet mounted a UDP reflection DDoS attack, that is, an attack that exploits the “stateless” nature of the UDP protocol. The offensive came in three short waves within ten minutes, and Azure managed to largely mitigate it by absorbing the fake requests thanks to a platform specially designed for this type of event.
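
An added example, not part of the original article and not Microsoft's mitigation platform: because UDP is stateless, the target of a reflection attack receives replies to requests it never sent, so one defensive check is to flag inbound UDP datagrams that match no recent outbound request. The flow records, addresses (documentation ranges), ports, function names and thresholds below are constructed assumptions.

```python
from collections import defaultdict

PROTECTED = {"198.51.100.10", "198.51.100.20"}  # assumed hosts we defend

# Constructed flow records: (time_s, src_ip, src_port, dst_ip, dst_port, bytes)
FLOWS = [
    (0.0, "198.51.100.10", 40000, "203.0.113.53", 53, 60),    # real query
    (0.1, "203.0.113.53", 53, "198.51.100.10", 40000, 120),   # solicited reply
    (5.0, "192.0.2.1", 53, "198.51.100.10", 31337, 3000),     # never requested
    (5.0, "192.0.2.2", 123, "198.51.100.10", 31337, 3000),    # never requested
    (5.1, "192.0.2.3", 53, "198.51.100.10", 31337, 3000),     # never requested
    (6.0, "192.0.2.9", 53, "198.51.100.20", 5000, 200),       # lone stray packet
]


def unsolicited_udp(flows, protected, window=5.0):
    """Inbound datagrams to protected hosts with no matching request in `window` s."""
    last_request = {}  # (local_ip, local_port, remote_ip, remote_port) -> time
    hits = []
    for ts, sip, sport, dip, dport, size in sorted(flows):
        if sip in protected:                       # outbound: remember the request
            last_request[(sip, sport, dip, dport)] = ts
        elif dip in protected:                     # inbound: look for its request
            asked = last_request.get((dip, dport, sip, sport))
            if asked is None or ts - asked > window:
                hits.append((ts, sip, sport, dip, dport, size))
    return hits


def reflection_targets(flows, protected, min_sources=3, window=5.0):
    """Map victim -> (distinct senders, bytes) where many hosts send unsolicited UDP."""
    stats = defaultdict(lambda: [set(), 0])
    for _, sip, _, dip, _, size in unsolicited_udp(flows, protected, window):
        stats[dip][0].add(sip)
        stats[dip][1] += size
    return {victim: (len(srcs), total)
            for victim, (srcs, total) in stats.items()
            if len(srcs) >= min_sources}


if __name__ == "__main__":
    for victim, (senders, total) in reflection_targets(FLOWS, PROTECTED).items():
        print(f"{victim}: {senders} unsolicited senders, {total} bytes")
```

The single stray packet to the second host stays below the sender threshold, so only the host receiving unsolicited replies from several distinct sources is reported.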