The DDoS attack on the bank was mitigated by Akamai.
Recently, Hackread.com reported how AWS Shield mitigated the largest ever recorded DDoS attack of 2.3 Tbps to smash the earlier record of 1.7 Tbps. Now, the networking and security firm Akamai claims to have mitigated the largest ever DDoS attack in terms of packets-per-second.
The attack was launched against an unnamed, mainstream European bank and was recorded at 809 Mpps (million packets-per-second). The DDoS attack or distributed denial of service attack was carried out on June 21, 2020.
It is worth noting that the nature of the DDoS attack recorded by AWS is different from the one blocked by Akamai. According to Akamai, this attack is double the size of the largest attack the company had mitigated previously, whereas the AWS attack was 44% of the attack earlier recorded to be the largest ever.
Moreover, this attack is unique because of the humongous spike in the number of source IP addresses. This indicates that the attack was “highly distributed” in nature, as the company noted 600 times as many source IPs as are normally registered in traffic directed to the target destination.
Furthermore, a majority of the attack traffic was sourced from unique IPs (almost 96.2% were unique): researchers had not seen these source IPs in any of the previous attacks recorded in 2020, which means there might be a novel emerging botnet.
“Beyond just the volume of IP addresses, the vast majority of the attack traffic was sourced from IPs that we have not recorded in prior 2020 attacks, indicating an emerging botnet. Akamai tracks hundreds of thousands of source IPs leveraged in DDoS attacks, tens of thousands of which have been seen in multiple attacks,” wrote Akamai’s Tom Emmons in a blog post.
Another unique aspect of this attack is the speed at which it peaked. It started from a normal traffic level and reached 418 Gbps within seconds, and then peaked at 809 Mpps in just two minutes. This is why it is dubbed the most “intense” DDoS attack ever recorded.
Akamai researchers believe that the attackers aimed to overwhelm applications and network gear in the victim’s cloud environment or data center, whereas high-bps DDoS attacks normally aim to overwhelm the inbound internet pipeline. Both BPS and PPS attacks may be volumetric, but PPS attacks are extremely rare and are usually launched to exhaust the resources of networking gear.
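The indicators described above (packet rate versus bit rate, the jump in distinct source IPs, and the share of sources not seen in earlier attacks) can all be computed from flow records. The following Python code is an added example, not Akamai's tooling; the record layout, the capacity figures and the sample data are constructed assumptions.

```python
import ipaddress
from collections import namedtuple

# Assumed record layout: one aggregated flow per source for the time window.
Flow = namedtuple("Flow", "src packets bytes")

def summarize_window(flows, window_s, baseline_sources, seen_before):
    """Reduce one time window of flow records to the indicators the article cites."""
    packets = sum(f.packets for f in flows)
    octets = sum(f.bytes for f in flows)
    sources = {f.src for f in flows}
    return {
        "pps": packets / window_s,
        "bps": octets * 8 / window_s,
        "avg_packet_bytes": octets / packets if packets else 0.0,
        # Multiple of the usual number of distinct sources for this destination.
        "source_ratio": len(sources) / baseline_sources if baseline_sources else float("inf"),
        # Share of sources never recorded in earlier attacks.
        "novel_fraction": len(sources - seen_before) / len(sources) if sources else 0.0,
    }

def stressed_resource(summary, link_bps, device_pps):
    """Return which capacity the window consumes fastest, with its utilisation."""
    link_util = summary["bps"] / link_bps
    pps_util = summary["pps"] / device_pps
    if pps_util >= link_util:
        return ("packet-rate", pps_util)
    return ("bandwidth", link_util)

# Constructed sample: 1,000 sources, each sending 2,000 packets of 64 bytes in 10 s.
BASE = ipaddress.ip_address("10.0.0.0")
SAMPLE = [Flow(str(BASE + i), 2000, 2000 * 64) for i in range(1000)]
# Constructed history: 38 of those sources were seen in earlier attacks.
SEEN_BEFORE = {str(BASE + i) for i in range(38)}

if __name__ == "__main__":
    s = summarize_window(SAMPLE, window_s=10, baseline_sources=5, seen_before=SEEN_BEFORE)
    # Hypothetical capacities: 1 Gbps uplink, device rated for 150,000 pps.
    print(s, stressed_resource(s, link_bps=1e9, device_pps=150_000))
```

With small packets the constructed window uses about a tenth of the assumed uplink while exceeding the assumed packet-rate rating, which is the distinction between PPS-focused and BPS-focused floods drawn above.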
Radware’s product marketing manager Eyal Arazi observed that the nature of DDoS attacks is dramatically changing and the currently available protections are ineffective against them. DDoS attacks nowadays focus more on targeting the application layer and on using “sophisticated” botnets and attack vectors like SSL floods, burst attacks, and carpet-bombing attacks.
“This is why it’s important to choose a DDoS protection service that offers behavioral protections that go beyond a simple signature and rate limits, have the capacity to deal even with the largest attacks, and back their marketing claims with quantifiable and measurable SLA metrics,” Arazi wrote in a blog post in March 2020.