
Microsoft thwarted biggest DDoS attack in its history


Oct 13, 2021

Microsoft’s Azure platform recently absorbed a large-scale DDoS attack, one of the most powerful on record.

Microsoft recently thwarted the largest DDoS attack ever recorded by its services in terms of throughput. This attack, which occurred last August, reportedly targeted an Azure center, Azure being the name of the Redmond firm’s cloud infrastructure. For ten minutes, the network reportedly came under an assault of dizzying power, with a peak recorded at 2.4 Tbps (2400 Gb per second).

That figure is comparable to the attacks that have affected Amazon Web Services and Google in the past. Both suffered attacks with peaks of 2.3 and 2.54 Tbps respectively. In terms of the raw amount of data, according to The Verge, it would even be the “biggest DDoS attack ever recorded”. The assertion is difficult to verify, but it says a lot about the attack's scope.

70,000 machines involved

This figure is particularly important in the case of a DDoS (Distributed Denial-of-Service) attack. Such an attack consists of flooding the targeted network with superfluous requests in order to saturate it; if the attack is of sufficient magnitude, the network becomes unresponsive and all the associated services are disrupted.

Often these attacks do not come from a single source, especially on this scale. They are carried out by a “botnet”, an army of zombie machines that attackers have infected beforehand. In this case, the press release explains that the attackers had access to about 70,000 different machines. These were mainly located in Asia and the United States, and reportedly targeted a European client.


Prevention is better than cure

Despite this huge data flow, Azure managed to hold up without any impact on its services. That is fortunate, given that many businesses and institutions, some of them very large, rely heavily on Azure today.

It is a success of which Microsoft's teams are understandably proud; it must be admitted that containing an attack of this magnitude requires a very well prepared infrastructure. And apparently Azure did it without batting an eyelid. In its press release, Microsoft explains that its architecture would be able to absorb “dozens of terabits” before succumbing to a DDoS attack.

During a DDoS attack, attackers can be spread all over the world. © The Digital Artist – Pixabay

For individuals or smaller companies, there are services that protect against such attacks. The best known is certainly Cloudflare, which claims to have already stopped a 1.2 Tbps attack on behalf of a client. But the situation is different for large services, such as GitHub, which paid the price in 2018. And at a time when DDoS attacks tend to increase, it will be increasingly important to be equipped to respond to them.