AWS stops largest DDoS attack ever
Amazon's AWS Shield service mitigated a 2.3 Tbps DDoS attack earlier this year
Amazon has revealed that its AWS Shield service was able to mitigate the largest DDoS attack ever recorded at 2.3 Tbps back in February of this year.
The company's new AWS Shield Threat Landscape report provided details on this attack and others mitigated by its AWS Shield protection service.
While the report did not identify the AWS customer targeted in the DDoS attack, it did say that the attack itself was carried out using hijacked CLDAP (Connection-less Lightweight Directory Access Protocol) web servers and lasted for three days.
- DDoS attacks soar after long period of decline
- New round of DDoS attacks powered by WSD protocol
- Also check out our roundup of the best antivirus software
Since late 2016, this protocol has often been used in DDoS attacks as CLDAP servers can amplify DDoS traffic by 56 to 70 times is initial size. CLDAP is also a highly sought-after protocol by cybercriminals and it is provided by many DDoS-for-hire services.
DDoS attacks
The DDoS attack mitigated by AWS Shield in February of this year now holds the record for the largest of its kind yet.
The previous record is held by a 1.7 Tbps attack which was mitigated by Netscout Arbor back in March of 2018 and a month before that, GitHub was hit with a 1.3 Tbps DDoS attack.
Both the Netscout and GitHub DDoS attacks abused Memcached servers which were exposed on the internet in order to reach massive bandwidths. During that time, Memcached was a new DDoS attack vector and cybercriminals abused over 100,000 Memcached servers.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Recently though, DDoS attacks have declined in both number and frequency as a result of ISPs, content delivery networks and other internet businesses working together to secure vulnerable Memcached systems. However, Kaspersky released a report last year that said DDoS attacks were on the rise as more DDoS-for-hire websites were launched.
These days DDoS attacks usually peak at around 500 Gbps and are much smaller in scale. The recent attack mitigated by Amazon is an outlier and hopefully doesn't become the norm going forward.
- We've also highlighted the best DDoS protection
Via ZDNet
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.