Microsoft says it mitigated one of the largest ever DDoS attacks

Microsoft has revealed that in August 2021, it mitigated one of the largest distributed denial of service (DDoS) attacks ever recorded. The 2.4Tbps attack targeted an Azure cloud computing service client based in Europe and surprisingly resulted in minimal downtime for users. The size of the attack is second only to a 2.54Tbps DDoS attack directed at Google in 2017, though higher than any attack ever recorded on Azure previously. 

What is a DDoS attack?

Before we dive into what happened to Microsoft, here is a quick definition of a DDoS attack. DDoS attacks involve flooding the servers of websites and online services with vast amounts of malicious traffic from multiple sources. The end goal of DDoS attacks is to have the servers reach their capacity limit so they will not function correctly. This often results in the website or service being offline for a period of time. 

Find out more about DDoS attacks in this blog post.

What happened to Microsoft?

According to Microsoft, the attack lasted over ten minutes with three short bursts of high-volume traffic, the first measuring 2.4 Tbps, the second 0.55 Tbps, and the third 1.7 Tbps. They say the attack originated from around 70,000 sources mostly located in the Asia-Pacific region — including Japan, Malaysia, and China — as well as the United States. Typically an attack of this magnitude would take a website or service offline immediately. However, Azure is well-equipped to deal with such attacks and experienced almost no downtime as a result.

Azure’s powerful DDoS protection

So how did they avoid catastrophe? That would be due to Azure’s DDoS protection platform. Built on distributed DDoS detection and mitigation pipelines, the platform can withstand tens of terabits of DDoS attacks. So, while this was one of the largest ever recorded DDoS attacks, the platform likely could have absorbed far more traffic if it came to it. 

Wrap up

Cyberattacks on such a scale as this one are hard to fathom, so it’s doubly impressive that Microsoft managed to successfully address it promptly without fuss or interruption to service.

Share on Twitter, Facebook, Google+