DDoS is one of the most used attacking methods that consists of several devices sending requests to a target IP. While it is a primitive attack method, it is still effective on targets without protections. Hopefully, most of the service and cloud providers handle these issues.
Three big DDoS attacks at the end of 2021
Microsoft has revealed its success in DDoS protection for the attacks aimed at Azure customers in 2021. According to the company, there have been three huge attacks that are larger than 2.4 Tbps (terabits per second). In November, a single attack reached 3.47 Tbps with a packet rate of 340 million per second. The 15-minute attack is the largest ever known.
Alethea Toh, product manager of Azure Networking at Microsoft stated that the attack has consisted of 10,000 sources from multiple countries such as the United States, China, South Korea, Russia, Thailand, India, Vietnam, Iran, Indonesia, and Taiwan.
Two more attacks are blocked by Microsoft in December, that are also huge; surpassing 2.5 Tbps each. Two of them were aiming the Azure customers originated in Asia. The attacks have reached 3.25 Tbps and 2.55 Tbps, using the UDP vector.
In its report, Microsoft also added that long attacks became more popular, while shorter than 30-minute attacks declined from 74% to 57% in the second half of 2021. Threat actors are now preferring big attacks that consist of a short burst of attacks.
Most of the attacks were using the UDP spoof flood technique, by 55%. TCP ACK flood technique comes in second with 14% and the rest follows as DNS amplification, IP protocol flood, and NTP amplification.
Looking at the target industries, gaming seems to be the hardest hit sector where every millisecond of delay means dissatisfaction for its customers. The attacks on the financial institutions, media, ISPs, retail, and supply chains also increased in 2021.
Most of the attacks were aimed at the United States-based Azure customers, as usual. But this year, Indian customers had a huge spike for being the target; up from 2 percent in the first half of 2021 to 23 percent in the second half of 2021. Attacks on European customers dropped from 19 percent to 6 percent.