Tomcat
Professional
- Messages
- 2,687
- Reaction score
- 1,036
- Points
- 113
Akamai said that last Sunday, June 21, 2020, a large European bank (name not disclosed) became the target of one of the most powerful DDoS attacks in history. Although the power of this attack was only 418 Gbps, the experts recorded up to 809 million packets per second.
It is worth recalling here that DDoS attacks are also different: their intensity is measured in bits per second (BPS), packets per second (PPS) or requests per second (RPS). For example, attacks on maximum BPS are usually aimed at exhausting the Internet channel, PPS are more often used to attack network devices and applications in clouds and data centers, and the usual targets of RPS attacks are edge servers where web applications are executed.
The researchers write that the incident did not last very long (about 10 minutes), but the attack “accelerated” to dangerous power very quickly. It took only a few seconds for the normal traffic level to rise to 418 Gbps, and about two minutes for the attack to peak at 809 Mpps.
According to experts, a new botnet is behind this incident, thus making its appearance for the first time. This conclusion is based on the large number of IP addresses involved in the attack, many of which were seen for the first time: 96.2% of them were unknown to the company's analysts. During the attack, the number of IP addresses typically seen for this client jumped 600 times.
Akamai claims this is a new record for PPS-type DDoS attacks. The previous most powerful attack in this area occurred earlier this month and showed only 385 million packets per second, which means that now the previous figure was more than doubled.
Experts note that the new attack was clearly optimized to counter DDoS protection systems and was focused on the maximum PPS. For example, packets sent by the attackers had a payload of only 1 byte for a total packet size of 29 bytes with IPv4 headers, which hid them among several billion peers.
Let me remind you that this is the second DDoS record broken this month. Earlier in June 2020, Amazon AWS Shield mitigated a BPS attack reaching 2.3 TB / sec. It would seem that against this background, the fresh incident of Akamai, with a capacity of only 418 Gbps, does not look so impressive anymore. But, as mentioned above, it's all about different types of attacks. Thus, according to Amazon statistics, the largest PPS attack recorded by the company this year was only 293.1 million packets per second, which is 2.7 times less than the attack reflected by Akamai.
