Akamai mitigates record-setting DDoS attack

By Dylan Bushell-Embling
Thursday, 02 July, 2020

Akamai mitigates record-setting DDoS attack

Akamai has mitigated what it believes to be a world record-setting DDoS attack against a large European bank in a concerning sign of an escalation of the DDoS threat landscape.

The attack was the largest ever recorded on the Akamai platform, generating 809 million packets per second. This was well over double the previous high water mark recorded on the Akamai platform.

The attack also came just one week after Akamai announced another huge DDoS attack against a US hosting service provider.

Analysis of the attack meanwhile indicates it was optimised to overwhelm DDoS mitigation systems via high PPS load, with each packet carrying a payload of just one byte.

Such focused attacks are far less common than those focused on overwhelming inbound internet pipelines bits per second.

Furthermore, these packets came from a vast number of IP addresses, with Akami recording up to 600 times the number of source IPs per minute compared to usual traffic to the targeted customer.

Even more concerningly, the vast majority (96.2%) of these IPs have not been recorded in prior attacks this year, indicating an emerging botnet. Akamai said it tracks hundreds of thousands of source IPs leveraged in DDoS attacks to date.

Another notable aspect of the attack was the speed at which it reached its peak. The attack grew from normal traffic levels to 418 Gbps in seconds, before reaching its peak size of 809 Mpps in a mere two minutes. The entire attack lasted just under 10 minutes.

Akamai said the attack demonstrates that large, sophisticated DDoS attacks are still a significant attack vector in 2020.

In addition, while financial services is a frequently targeted industry vertical in DDoS attacks, the fact that last week's attack was against a hosting provider demonstrates that companies in all industries are vulnerable to large DDoS attacks. Other frequent targets are gaming, media and business services companies.

Image credit: ©stock.adobe.com/au/Сake78 (3D & photo)

Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.

Related Articles

Continuing professional development for IT specialists

Leaders must be committed to continually improving their teams' skills and knowledge in IT...

Canberra's face-off with Facebook

Is the news media bargaining code a victory for all Australian news content producers, or is it...

The privacy problems of COVID tracing apps

We can't rely on technology to keep COVID tracing app data safe; rather, we need strong legal...

  • All content Copyright © 2021 Westwick-Farrow Pty Ltd