Written by Senior Program Manager, Azure Networking
This blog post was co-authored by Alethea Toh, Program Manager and Syed Pasha, Principal Network Engineer, Azure Networking.
In early August, we shared Azure’s Distributed Denial-of-Service (DDoS) attack trends for the first half of 2021. We reported a 25 percent increase in the number of attacks compared to Q4 of 2020, albeit a decline in maximum attack throughput, from one terabit per second (Tbps) in Q3 of 2020 to 625 Mbps in the first half of 2021.
The last week of August, we observed a 2.4 Tbps DDoS attack targeting an Azure customer in Europe. This is 140 percent higher than 2020’s 1 Tbps attack and higher than any network volumetric event previously detected on Azure.
The attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States. The attack vector was a UDP reflection spanning more than 10 minutes with very short-lived bursts, each ramping up in seconds to terabit volumes. In total, we monitored three main peaks, the first at 2.4 Tbps, the second at 0.55 Tbps, and the third at 1.7 Tbps.
