Amazon Web Services Fights Off Massive DDoS Attack

Uploaded on 2020-06-27 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Amazon’s Shield protection service says that it successfully defended itself against the biggest Distributed Denial of Service (DDoS) attack ever recorded. Amazon said its AWS Shield service mitigated the largest DDoS attack ever recorded, stopping a 2.3 Tbps attack in mid-February this year. Distributed denial of service (DDoS) attacks are designed to knock a website offline by flooding it with huge amounts of requests until it crashes. 

In a formal report about its DDoS protection service, AWS Shield, the company said the peak of the attack had been 44% larger than anything the service had seen before and resulted in a three-days of "elevated threat" status. Amazon did not identify what website or online service had been targeted by the attack. 

A DDoS attack is when a cyber attacker floods a website with bot traffic so it is overloaded and has to be taken offline.
According to a regular report from Amazon’s AWS Shield division, which is specifically designed to safeguard Amazon cloud customers against DDoS attacks, the effort topped out at 2.3 terabits per second. AWS Shield, the security service that protects applications running on AWS cloud from DDoS attacks, blocked a 2.3TB per second (Tbps) attack in February. According to the BBC, the previous record, set in 2018, was 1.7Tbps.

Details of the attack were published in AWS’s Q1 Threat Report, which said that the attack was “approximately 44% larger than any network volumetric event previously detected on AWS.” It caused 3 days of elevated threat.

DDoS Attacks Surge As A Consequence Of Covid-19
Technology company Neustar has warned of a dramatic rise in DDoS attacks during the Covid-19 pandemic, with the company mitigating more than twice the number of attacks as in first quarter 2019. Non-profit organisations have also been particularly affected.

According to Cloudflare, DDoS attacks against US anti-racism advocacy groups increased 1,120-fold between 26 May and 01 June compared with the last week in April.

As news of AWS’s record breaking DDoS attack emerges, global content delivery network Akami also reported a significant attack. During the first week of June 2020, it mitigated an attack against an internet hosting provider, the largest the company has seen at 1.44Tbps

According to Cloudflare, 92 percent of the DDoS attacks mitigated by the service in the first quarter of 2020 were under 10 Gbps and another 47 percent were evens smaller – under 550 megabits per second.

The previous record for the largest DDoS attack ever recorded was of 1.7 Tbps, mitigated by NETSCOUT Arbor in March 2018 and prior to that, the biggest DDoS attack ever recorded was a 1.3Tbps DDoS attack that hit GitHub, a month before, in February 2018.

Amazon Web Services:       Brinkwire:       Verdict:         ZDNet:          BBC

You Might Also Read

The Future Of Ransomware Is In The Cloud:

 

 

« How Hackers Invade Your Computer
Companies Are Coughing Up Ransom To Recover Their Data »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NQA Certification

NQA Certification

NQA provides certification to a range of ISO standards including ISO 27001 for information security management.

National Cyber Security Centre (NCSC) - Netherlands

National Cyber Security Centre (NCSC) - Netherlands

NCSC Netherlands coordinates enhancing the cyber resilience of the Netherlands in the digital domain.

Falanx Cyber

Falanx Cyber

Falanx Cyber provides enterprise-class cyber security services and solutions. We deliver end-to-end cyber capabilities, either as specific engagements or as fully-managed services.

Applied Risk

Applied Risk

Applied Risk is an established leader in Industrial Control Systems security, focused on critical infrastructure security and combating security breaches that pose a significant threat.

Prescient

Prescient

Prescient’s Cyber solutions supplement your firm’s existing data security infrastructure with specialized investigations that identify unconventional cyber risks.

Valire Software

Valire Software

Valire provide a solution for the automated detection of internal fraud.

Aspisec

Aspisec

Aspisec is a cybersecurity company specialized in Firmware Security and Critical Infrastructure Protection.

SHIELD

SHIELD

SHIELD are the world’s leading cybersecurity company specializing in cyber fraud and identity solutions.

Telefonica Global Solutions (TGS)

Telefonica Global Solutions (TGS)

Telefonica Global Solutions is the technological partner of wholesalers and enterprises, helping them to achieve the digitalization they need.

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) protects Singapore from external threats and safeguards its interests in areas related to terrorism, cyber security, other transnational threats, and geopolitics

E2E Technologies

E2E Technologies

E2E Technologies are a proactive, SLA-beating, managed service provider that busts the common stereotypes surrounding IT.

ViewQwest

ViewQwest

ViewQwest is a regional telecommunications & information technology services company. We specialize in providing Connectivity, Managed Network, Managed SD-WAN, and Managed Security solutions.

Avint

Avint

Avint delivers transformational cybersecurity solutions that help both commercial and government entities achieve mission success.

CryptoNext Security

CryptoNext Security

CryptoNext provides optimal end-to-end post-quantum cybersecurity remediation tools and solutions for IT/OT infrastructures & applications.

Vault Cloud

Vault Cloud

Vault Cloud, Australia's National Cloud, is an Australian owned and operated company specialising in secure, sovereign, hyperscale cloud infrastructure.

CirrusHQ

CirrusHQ

CirrusHQ are a Specialist AWS Advanced Consulting Partner with a focus on Cloud Management, DevOps, Migration and Consulting Services for the private and public sectors.