Amazon Web Services Fights Off Massive DDoS Attack

Uploaded on 2020-06-27 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Amazon’s Shield protection service says that it successfully defended itself against the biggest Distributed Denial of Service (DDoS) attack ever recorded. Amazon said its AWS Shield service mitigated the largest DDoS attack ever recorded, stopping a 2.3 Tbps attack in mid-February this year. Distributed denial of service (DDoS) attacks are designed to knock a website offline by flooding it with huge amounts of requests until it crashes. 

In a formal report about its DDoS protection service, AWS Shield, the company said the peak of the attack had been 44% larger than anything the service had seen before and resulted in a three-days of "elevated threat" status. Amazon did not identify what website or online service had been targeted by the attack. 

A DDoS attack is when a cyber attacker floods a website with bot traffic so it is overloaded and has to be taken offline.
According to a regular report from Amazon’s AWS Shield division, which is specifically designed to safeguard Amazon cloud customers against DDoS attacks, the effort topped out at 2.3 terabits per second. AWS Shield, the security service that protects applications running on AWS cloud from DDoS attacks, blocked a 2.3TB per second (Tbps) attack in February. According to the BBC, the previous record, set in 2018, was 1.7Tbps.

Details of the attack were published in AWS’s Q1 Threat Report, which said that the attack was “approximately 44% larger than any network volumetric event previously detected on AWS.” It caused 3 days of elevated threat.

DDoS Attacks Surge As A Consequence Of Covid-19
Technology company Neustar has warned of a dramatic rise in DDoS attacks during the Covid-19 pandemic, with the company mitigating more than twice the number of attacks as in first quarter 2019. Non-profit organisations have also been particularly affected.

According to Cloudflare, DDoS attacks against US anti-racism advocacy groups increased 1,120-fold between 26 May and 01 June compared with the last week in April.

As news of AWS’s record breaking DDoS attack emerges, global content delivery network Akami also reported a significant attack. During the first week of June 2020, it mitigated an attack against an internet hosting provider, the largest the company has seen at 1.44Tbps

According to Cloudflare, 92 percent of the DDoS attacks mitigated by the service in the first quarter of 2020 were under 10 Gbps and another 47 percent were evens smaller – under 550 megabits per second.

The previous record for the largest DDoS attack ever recorded was of 1.7 Tbps, mitigated by NETSCOUT Arbor in March 2018 and prior to that, the biggest DDoS attack ever recorded was a 1.3Tbps DDoS attack that hit GitHub, a month before, in February 2018.

Amazon Web Services:       Brinkwire:       Verdict:         ZDNet:          BBC

You Might Also Read

The Future Of Ransomware Is In The Cloud:

 

 

« How Hackers Invade Your Computer
Companies Are Coughing Up Ransom To Recover Their Data »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

King & Spalding

King & Spalding

King & Spalding is an international law firm with offices in the United States, Europe and the Middle East. Practice areas include Data, Privacy & Security.

CERT-In

CERT-In

CERT-In is a functional organisation of the Ministry of Information & Electronics Technology, Government of India, with the objective of securing Indian cyber space.

Quality Professionals (Q-Pros)

Quality Professionals (Q-Pros)

QPros are a recognized leader in providing full-cycle software quality assurance and application testing services.

Kenna Security

Kenna Security

Kenna Security is a risk intelligence & vulnerability management platform that helps prioritize and remediate vulnerabilities.

Data61

Data61

Data61 is Australia’s leading digital research network offering the research capabilities, IP and collaboration programs to unleash the country’s digital & data-driven potential.

BigWeb Technologies

BigWeb Technologies

BigWeb Technologies is dedicated to provide its clients with ICT related services including Infrastructure Solutions, Consultancy and Security.

GoCyber

GoCyber

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.

Rogers Cybersecure Catalyst

Rogers Cybersecure Catalyst

Rogers Cybersecure Catalyst helps Canadians and Canadian companies seize the opportunities and tackle the challenges of cybersecurity.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Connectria

Connectria

Connectria provides cloud hosting, remote monitoring, and compliant cloud security solutions and services to enterprises, medium and small businesses.

PizzlySoft

PizzlySoft

PizzlySoft is a global company that is seeking convergence of network and security / software and hardware. We put our value on creating the best security.

Swiss It Security Group

Swiss It Security Group

Swiss It Security Group offers clients complete IT security concepts based on innovative solutions and technology, with a focus on protection, detection and defence.

Cyber Insurance Academy

Cyber Insurance Academy

Cyber Insurance Academy was founded to provide insurance professionals with the knowledge needed to work in cyber-insurance and cyber-related insurance fields.

Ascent Solutions

Ascent Solutions

Ascent is built to help firms evolve their cybersecurity posture, modernize their Microsoft solutions, and accelerate their journey to the cloud.

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity's mission is to provide value by dramatically improving the cybersecurity posture of our clients and business partners.

Tenet3

Tenet3

Tenet3's vision is to make optimal cyber strategy development tractable, data driven, with concrete success metrics. The result is cost effective cyber resilience for our customers.

DOT Europe

DOT Europe

DOT Europe is a consensus based organisation which brings a diverse membership together to agree on their collective stance on EU tech policy.