November was a memorable month for Microsoft’s Azure team, as the group had to contend with what is believed to be the largest distributed denial-of-service attack in history.
As detailed in an Azure blog post regarding DDoS attack trends in Q3 and Q4 2021, Microsoft encountered and successfully fended off a DDoS attack with a throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps) in November. The attack, which targeted an undisclosed customer in Asia, is “the largest attack ever reported in history,” according to Microsoft.
“This was a distributed attack originating from approximately 10,000 sources and from multiple countries across the globe, including the United States, China, South Korea, Russia, Thailand, India, Vietnam, Iran, Indonesia, and Taiwan,” Microsoft explained.
“Attack vectors were UDP reflection on port 80 using Simple Service Discovery Protocol (SSDP), Connection-less Lightweight Directory Access Protocol (CLDAP), Domain Name System (DNS), and Network Time Protocol (NTP) comprising one single peak, and the overall attack lasted approximately 15 minutes.”
December was also an eventful month for the Azure team, as it had to mitigate two more attacks that surpassed 2.5 Tbps. The first, a 2.25 Tbps UDP attack, lasted for over 15 minutes, while the other, a 2.54 Tbps attack, lasted just a bit over five minutes. Asia was also the target for these two attacks.