Microsoft says it encountered and successfully mitigated the largest Distributed Denial of Service (DDoS) attack on record in November 2021, when an adversary tried to take down a customer’s Azure services.
The incident involved an unnamed customer in Asia, who uses Microsoft’s Azure cloud computing service. The hacker harnessed 10,000 computers across the globe, including in the US, China, South Korea, Russia, Thailand, India, Vietnam, Iran, Indonesia, and Taiwan, to generate a massive 3.47Tbps DDoS attack, at a packet rate of 340 million packets per second (pps). The attack lasted for 15 minutes.
“Attack vectors were UDP reflection on port 80 using Simple Service Discovery Protocol (SSDP), Connection-less Lightweight Directory Access Protocol (CLDAP), Domain Name System (DNS), and Network Time Protocol (NTP) comprising one single peak”, Microsoft added.
The amount of traffic exceeds two other DDoS attacks that occuured in December 2021, both in Asia. One was over 2.5 Tbps, and the other was 3.25 Tbps.
Microsoft seems to have defended all attacks without an incident.
Read more about it here.