A DDoS (Distributed Denial of Service) attack is a malicious attempt to make a machine or network resource unavailable to its intended users. With the growing number of people and businesses relying on the Internet, the frequency and severity of these attacks have increased. One such attack recently took down an Eastern European website for hours, leaving customers unable to make online purchases.
Akamai has announced that it has taken on the largest publicly known distributed denial of service (DDoS) attack to date. The attack on this unfortunate Eastern European organization, which peaked at over 700 million packets per second, was too much and Akamai took it down.
This latest traffic surge hit on July 10th according to the web hosting industry. The cybercriminals behind the earlier internet attack have not been identified yet. It turns out that the DDoS attack may have hit the same client both times. The latest one was actually from a different source and on a different day, though.
In comparison, the July attack peaked at 659.6 Mpps with the organization coming under attack 75 times at its primary data center. Last week’s attack peaked at 704.8 Mpps, Akamai has said, and hit six locations globally. The packets were primarily UDP in both incidents, and while the July attack targeted 512 IP addresses, the September attack went after 1,813 in total.
It took only a minute for Akamai’s Craig Sparling to write the following passage: “The attackers’ command and control system had no delay in activating the multi-destination attack, which escalated within 60 seconds.”
An Akamai spokesperson told The Register that they cannot provide any additional information about their Eastern European client due to security concerns.
The company also declined to comment on the botnet and/or cybercriminals behind the attack, but at the bottom of its blog post is an “Additional Information” section with two CISA alerts. One is an article focused on how to protect critical infrastructure from Russian state-sponsored cyber attacks and the other is a more general summary of Russia’s online behaviors.
More than three years on, it is clear Russia attacked Ukraine with a DDoS attack. Russian teams have continued to carry out these cyber attacks against other countries too.
Apparently, Akamai’s Prolexic platform contributed significantly to tackling the DDoS threats. With over 20 high-capacity traffic scrubbing centers around the world, it contains a lot of data protection. Their Hong Kong, London and Tokyo locations seem to have shut out a lot of the bots used for DDoS flooding.
A potential nuclear issue
It’s no secret to The Register’s readers that we’ve been hacked with more regularity lately. These record-breaking DDoS attacks are happening more frequently, and there probably won’t be another hack quite like the one we experienced this week.
Security firm Radware just released data showing that the average number of DDoS attacks mitigated per customer jumped 203% during the first six months of this year, compared to last year. There’s also been a 239% increase in this metric when comparing the first six months of this year to the last six months.
Earlier this month, Google revealed it blocked the largest ever HTTPS-based DDoS to date in June. During the attack, approximately 46 million requests per second were directed at its system pretending to be legitimate requests.
The record-breaking attack this March surpassed the previous one we had to deal with in February and was followed by another DDoS attack of unprecedented magnitude. We stepped up to these challenges and once again showed that Cloudflare defenses can’t be breached so easily.
It’s no news that organizations are struggling to stay ahead of the latest cyber attacks, but this recent attack indicates a rapidly escalating “DDoS arms race” between attacker and victim. The defender needs to maintain the balance in order to stay two steps ahead of hackers looking for a fast lane in.