Microsoft revealed that it thwarted a massive DDoS attack of 2.4Tbps. The attack leveraged Microsoft Azure and was launched against a European customer. 

What do we know about the attack?

  • The attack originated from around 70,000 sources located in Asia Pacific countries - Malaysia, China, Vietnam, Taiwan, and Japan, along with the U.S.
  • The attack vector consisted of a UDP reflection that went on for 10 minutes in short bursts. 
  • The attack was observed in three peaks of which the first one was at 2.4Tbps, second at 0.55Tbps, and third at 1.7Tbps. 

Why this matters

Conventionally, DDoS attacks lead to more damaging attacks or serve as a way to demand huge ransoms from victims. Even if victims can spare a few million monies to save their reputation and downtime cost, it is not guaranteed that the onslaughts would cease. 

Some DDoS stats

  • Low bandwidth DDoS attacks increased by 233% in H1 2021.
  • More than 99% of these attacks were less than 10Gbps.
  • Around 40% of low bandwidth attacks were significantly amplified via TCP ACK traffic as a new attack vector. 
  • UDP-based attacks represented 43.69% of all attacks in the first half of the year. Nexusguard has identified three different UDP-based attacks.

These bits and pieces DDoS attacks can incapacitate CSPs and ISPs if detection is solely reliant on signature-based methods. 

Some DDoS threats

A new ransomware strain, Yanluowang, has warned its victim to not take the help of law enforcement regarding a ransomware attack. On breaking the rules, the attackers have threatened to conduct DDoS attacks and make calls to the victim’s partners and customers. 
Dutch police sent a warning to 29 individuals who bought services from a website offering DDoS-for-hire. 

The bottom line

UDP flood and UDP reflection attacks have become quite popular among cybercriminals. Digital transformation is moving at an extremely rapid pace, especially since the COVID-19 pandemic hit. Hence, it is crucial that proactive security measures are put in place and employees are properly trained about cybersecurity hygiene.

Cyware Publisher