Cloud Hosting

Amazon Web Services Inc. today revealed that it managed to mitigate a 2.3terabytes-per-second distributed denial-of-service attack in February, the largest DDoS attack ever recorded.

Detailed in the AWS Shield Threat Landscape Report- Q1 2020, the attack lasted three days, with those behind it unsuccessful in knocking Amazon cloud services offline.

The attack was a so-called Connection-less Lightweight Directory Access Protocol reflection-based attack.A CLDAP reflection attack involves an attacker sending a CLDAP request to a LDAP server with a spoofed sender IP address the targets IP address. The server mounts a bulked-up response to the targets IP address, causing the reflection attack, hence the name.

The ultimate aim, as with all DDoS attacks, is to flood the target with a massive amount of data to disrupt normal traffic, making the website or app hosted on the server unresponsive.

While specifically mentioning the attack, the AWS report notes that smaller network volumetric events are far more common. The 99th percentile events in the first quarter of 2020 is said to have been 43 gigabytes per second.

The reportalso notes that after CDLAP reflection attacks, the second-most common DDoS vector observed by AWS in the first quarter were SYN flood attacks. A SYN flood is a form of DoS attack in which an attacker sends repeated SYN packets to every port on a targeted server often using a fake IP address.

According to Imperva, the server, unaware of the attack, receives multiple, apparently legitimate requests to establish communication. It responds to each attempt with a SYN-ACK packet from each open port, eventually causing the servers connection overflow tables to fill and thus denying access to legitimate clients.

The previous known record for a DDoS attack was an attack that targeted GitHub Inc. in March 2018, which peaked at 1.2 Tbps.

With computing power growing, so too are the size of DDoS attacks. If not for the AWS2.3Tbps DDoS attack, the new record would actually involve a web host supported by Akamai Technologies Inc. in June.

A new report published by Fahmida Y. Rashid at Duo Security details a DDoS attack targeting a website hosted by a hosting provider that peaked at 1.44 Tbps, the largest Akamai has ever seen. The main attack lasted for an hour and a half with smaller attacks targeting the website later.

Similar to the AWS report, these attacks involved volumetric attacks and floods of ACK, SYN, UDP, NTP, TCP reset and SSDP packets, multiple botnet attack tools and CLDAP reflection.

Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!

Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.

Wed also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we dont have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary onSiliconANGLE along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams attheCUBE take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here,please take a moment to check out a sample of the video content supported by our sponsors,tweet your support, and keep coming back toSiliconANGLE.

Here is the original post:
AWS mitigated a record-breaking 2.3 Tbps DDoS attack in February - SiliconANGLE