This ginormous DDoS attack generated over 800 million packets per second

News
By
published

Packet per second-based DDoS attacks aim to overwhelm network gear and applications

(Image credit: Shutterstock)

Akamai has announced that it mitigated the largest packer per second (PPS) DDoS attack ever recorded on its platform.

The attack, which targeted a large European bank, generated 809m packets per second (Mpps). Akamai believes this is a new industry record for a PPS-focused attack as it is more than double the size of the previous high-water mark on its platform.

DDoS attacks are usually volumetric in nature and are generally measured in bits per second (bps). While a traditional DDoS attack aims to overwhelm the inbound traffic by sending more traffic to a circuit than it is designed to handle, PPS-focused attacks are designed to overwhelm the network gear or applications in a user's data center or cloud environment.

Both kinds of attacks are volumetric but PPS attacks exhaust the resources of the gear as opposed to the capability of the circuits. These kinds of attacks are also much less common than BPS attacks.

PPS-focused DDoS attack

What was unique about the packets being sent in the massive DDoS attack mitigated by Akamai is the fact that there was also a massive increase in the amount of source IP addresses used. The number of source IPs that registered traffic to the company's customer increased substantially during the attack. Akamai saw upward of 600x the number of source IPs per minute compared to what it normally observes for this customer destination.

The vast majority of the attack traffic was sourced from IPs that have not yet been recorded in any attacks this year and the company believes this could indicate an emerging botnet. It was highly unusual that 96.2 percent of source IPs were observed for the first time.

The attack ,which occurred at the end of June, was remarkable not only for its size but also because of the speed at which it reached its peak. The attack grew from normal traffic levels to 418 Gbps in seconds before reaching its peak size of 809 Mpps in just two minutes. In total, the attack lasted for just less than 10 minutes. A large European bank was targeted in the attack and according to Akamai's research, financial services is a frequently targeted industry vertical.

After a long period of decline, DDoS attacks have resurfaced and cybercriminals recently launched the largest DDoS attack ever at 2.3 Tbps targeting AWS.

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
healthcare
Software bug meant NHS information was potentially “vulnerable to hackers”
A hacker wearing a hoodie sitting at a computer, his face hidden.
Experts warn this critical PHP vulnerability could be set to become a global problem
botnet
YouTubers targeted by blackmail campaign to promote malware on their channels
A close-up of a phone screen showing the Telegram, Signal and WhatsApp apps
Agentic AI has “profound” issues with security and privacy, Signal President says
botnet
Another top security camera maker is seeing devices hijacked into botnet
Bluetooth
Top Bluetooth chip security flaw could put a billion devices at risk worldwide
Latest in News
Apple's Craig Federighi demonstrates the iPhone Mirroring feature of macOS Sequoia at the Worldwide Developers Conference (WWDC) 2024.
Report: iOS 19 and macOS 16 could mark their biggest design overhaul in years – and we have one request
Lego Mario Kart – Mario & Standard Kart set on a shelf.
Lego just celebrated Mario Day in the best way possible, with an incredible Mario Kart set that's up for preorder now
TCL QM7K TV on orange background
TCL’s big, bright new mid-range mini-LED TVs have built-in Bang & Olufsen sound
Apple iPhone 16e
Which affordable phone wins the mid-range race: the iPhone 16e, Nothing 3a, or Samsung Galaxy A56? Our latest podcast tells all
Homepage of Manus, a new Chinese artificial intelligence agent capable of handling complex, real-world tasks, is seen on the screen of an iPhone.
Manus AI may be the new DeepSeek, but initial users report problems
Google Maps
Nightmare Google Maps glitch is deleting timelines, and there isn't a fix yet
More about security
botnet

YouTubers targeted by blackmail campaign to promote malware on their channels
A hacker wearing a hoodie sitting at a computer, his face hidden.

Experts warn this critical PHP vulnerability could be set to become a global problem
Netflix

Netflix tried to fix 80s sitcom A Different World with AI but it gave us a different nightmare
See more latest
Most Popular
Ryzen AI Max+ 395
Race to launch most powerful AI mini PC ever heats up as GMKTec confirms Ryzen AI Max+ 395 product for May 2025
Apple iPhone 16e
Which affordable phone wins the mid-range race: the iPhone 16e, Nothing 3a, or Samsung Galaxy A56? Our latest podcast tells all
Apple's Craig Federighi demonstrates the iPhone Mirroring feature of macOS Sequoia at the Worldwide Developers Conference (WWDC) 2024.
Report: iOS 19 and macOS 16 could mark their biggest design overhaul in years – and we have one request
Whirlwind I Computer
Happy birthday, Director! The first operating system in the world turns 70 today
Lego Mario Kart – Mario & Standard Kart set on a shelf.
Lego just celebrated Mario Day in the best way possible, with an incredible Mario Kart set that's up for preorder now
Tesla Model 3
Tesla's EV sales are plummeting – as used Model Y and Model 3 prices crash to bargain levels
TCL QM7K TV on orange background
TCL’s big, bright new mid-range mini-LED TVs have built-in Bang & Olufsen sound
A computer screen showing a spreadsheet in use.
This entire nation's public health department was found to be running on a single Excel spreadsheet
Person using Dyson V8 vacuum
Dyson vacuums have one big problem and I don't understand why
Glowing server racks inside a data center.
The dirty little secret about AI hardware that you should know about: server vendors have to wrestle with wafer thin margins and bigger customers