AWS claims to have blocked the largest DDoS attack in history

News
By Bobby Hellard
published

Cloud giant reveals three days of malicious traffic hit a peak of 2.3 Tbits/sec

DDoS attack

Amazon has revealed that its online cloud fended off what's considered to be one the largest distributed denial of service (DDoS) attacks in history.

The incident happened in February, hitting 2.3 Tbits/sec at its peak, according to a report from AWS Shield, smashing the previous peak record of 1.7 Tbits/sec.

What is a DDoS attack? DDoS attacks could cost the UK £1bn FBI credited with global 85% reduction in DDoS attack size

The peak of the attack was 44% larger than anything the services had seen before and led to three-days of "elevated threat" status. Amazon Web Services provides the infrastructure for many websites, but the report doesn't identify which websites had been targeted by the attack.

"In Q1 2020, a known UDP reflection vector, CLDAP reflection, was observed with a previously unseen volume of 2.3 Tbps," the report stated. "This is approximately 44% larger than any network volumetric event previously detected on AWS."

"CLDAP reflection attacks of this magnitude caused 3 days of elevated threat during a single week in February 2020 before subsiding. Despite this observation, smaller network volumetric events are far more common. The 99th percentile event in Q1 2020 was 43 Gbps."

The attack in February was called a "reflection attack", which is thought to be an attempt to use a vulnerable third-party server to amplify the amount of data being sent to a victim's IP address. It relies on exploiting the Connectionless Lightweight Directory Access Protocol (CLDAP), which is often exposed due to configuration issues – though AWS doesn't suggest this to be the case for the February attack.

Downtime caused by DDoS accounts can have large financial implications. According to a 2019 report from Netscout, the size and scale of DDoS attacks in the UK could cost the country almost £1 billion per year. Part of the problem is that DDoS attacks are cheap and easy to deploy, according to Netscout.

In Q1 of 2020, there was a significant increase in both the quantity and Quality of DDoS attacks, according to Kaspersky. Not only have the number of attacks almost doubled, up by 80% against Q1 2019, these attacks have also become longer, the firm suggests.

Bobby Hellard
Bobby Hellard

Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.

Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.