Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Akamai mitigated the largest ever PPS DDoS attack

Akamai announced to have mitigated a record distributed denial-of-service (DDoS) attack that hit a European bank. Akamai revealed that a bank in Europe was hit by a massive distributed denial-of-service (DDoS) attack that peaked a record 809 million packets per second (PPS). “On June 21, 2020, Akamai mitigated the largest packet per second (PPS) distributed […]

DDoS attack-largest

Akamai announced to have mitigated a record distributed denial-of-service (DDoS) attack that hit a European bank.

Akamai revealed that a bank in Europe was hit by a massive distributed denial-of-service (DDoS) attack that peaked a record 809 million packets per second (PPS).

“On June 21, 2020, Akamai mitigated the largest packet per second (PPS) distributed denial-of-service (DDoS) attack ever recorded on the Akamai platform. The attack generated 809 million packets per second (Mpps), targeting a large European bank.” reads the post published by Akamai.

The company did not disclose the name of the bank, it only said that the attack took place on June 21.

Experts consider this attack one of the largest DDoS ones to date, even if it was just of 418Gbps.

It is a new industry record for PPS DDoS attacks, it is over double the size of the previous record attack mitigated by the Akamai platform

DDoS attacks are almost always volumetric in nature and their magnitude is generally measured in bits per second (bps). 

In contrast, PPS-focused DDoS attacks aim at overwhelming network gear and/or applications in the customer’s data center or cloud environment. They are also volumetric, but PPS attacks saturate the resources of the gear, rather than the capability of the circuits.

The experts were impressed by the peak velocity, the speed at which the DDoS attack reached its peak was impressive.

“The attack grew from normal traffic levels to 418 Gbps in seconds, before reaching its peak size of 809 Mpps in approximately two minutes. In total, the attack lasted slightly less than 10 minutes.” continues the report.

Akamai revealed that the attack lasted less than 10 minutes, the experts speculate it was launched by a new botnet due to the involvement of a high number of IP addresses involved in the attack that were observed for the first time. 96.2% of the IP addressed involved in the attacks were seen for the first time by Akamai.

“This latest attack was clearly optimized to overwhelm DDoS mitigation systems via high PPS load,” Akamai says.

The company revealed that the sent packets carried a payload of just 1 byte in a total packet size of 29 with IPv4 headers, making it appear like every other one of its several billion peers.

A couple of weeks ago, Amazon’s AWS Shield service announced it has mitigated a 2.3 Tbps DDoS attack, the largest ever, which surpassed the previous record of 1.7 Tbps that took place in March 2018.

The analysis of RPS attacks revealed that according to Amazon’s metrics, the largest attack recorded in Q1 2020 had 293.1 RPS, which is 2.7 times smaller than the attack mitigated by Akamai on Sunday.

In April 2019, Imperva mitigated an RPS DDoS attack that peaked close to 580 million PPS. In May 2019 Imperva mitigated a DDoS attack that was 652 million PPS. 

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, DDoS)

[adrotate banner=”5″]

[adrotate banner=”13″]