Defining DDoS defence design
Voice and Data|July,2020
The 2.3 Tbps DDoS attack on AWS highlights that enterprises should use a zero-trust approach to secure applications in a multi-cloud environment and decide what not to expose
PAUL NICHOLSON

We have reached another milestone with the largest distributed denial of service (DDoS) attack on record being reported by Amazon Web Services (AWS) at 2.3 Tbps in the first quarter of 2020. This surpasses the last record attack by a whopping 70%. The previous record-holder was the Memcached-based GitHub DDoS attack that measured 1.35 Tbps on 28 February 2018.

Effectively, these headline-grabbing “performance gains” in DDoS attacks have been escalating steadily over the last four years, with a major high-profile attack every two years. This trend includes the watershed Mirai botnet attacks of 2016.

Arguably, Mirai represented the highest-profile set of DDoS attacks, beginning with the “innovative” multi-vector botnet attack targeting security blogger Brian Krebs at 620 Mbps and continuing with the report the next month from the French hosting company OVH of 1.2 Tbps. This DDoS attack, at over a terabit per second, was the first ever seen.

The Mirai botnet attack code was open-sourced and, in an unsuccessful attempt to hide its authors, many variants were created. These still plague us today. Each of these record-setting DDoS attacks has been different, but each can help us learn to develop better defenses.

Is this really the largest DDoS attack?

Scanning through the history and records of DDoS attacks, one can note that, despite its enormity, this was not the largest attack. We have had first-hand customer reports of attacks larger than this just last year. However, this certainly is the largest publicly disclosed attack on record to date, and thus, it represents an important milestone.

Many organizations do not publicly disclose the extent or volume of attacks they experience. For example, one of our hosting customers showed statistics of DDoS detections and mitigations totaling over 25,000 in a 90-day period. This is not typically disclosed, and the attacks are steadily absorbed into a well-planned DDoS defense infrastructure.
