The Azure team announced that the company has observed a 2.4 Tbps DDoS attack in the last week of August. The attack targeted an Azure customer in Europe. The attack was 140% higher than the previous 1 Tbps attack in 2020, and it is higher than any network volumetric recorded.
70,000 sources and from multiple countries
Azure stated that the DDoS attack was originated from 70,000 different sources and multiple countries, such as Malaysia, Vietnam, Taiwan, Japan, China, and the United States. The attack vector was a UDP reflection that spans over 10 minutes with short bursts. Each burst ramped up in seconds to terabit volumes. Three main peaks during the attacks were 2.4 Tbps, 0.55 Tbps, and 1.7 Tbps.
The Azure team also stated that the control plane logic orchestrates the mitigation lifecycle. It can dynamically allocate mitigation resources to the most optimal locations, closest to the attack sources. In this example, attack traffic originated in the Asia-Pacific region, and the United States did not reach the customer region. Instead, it is mitigated at the source countries.