Akamai Discloses Details of Massive DDoS Attack

Akamai this week revealed it mitigated a massive 1.44 terabits-per-second (TBPS) distributed denial of service (DDoS) attack that for nearly two hours reached levels of 385 million packets per second (MPPS).

Roger Barranco, vice president of global security operations for Akamai, said the attack, which occurred in the first week of June, was the largest the company had ever seen.

In addition, Barranco said the attack was also noteworthy in the level of orchestration required to execute it. Rather than making use of a single botnet, the attack appears to have simultaneously leveraged multiple botnet services to launch a DDoS attack across nine different attack vectors. Normally, a DDoS attack is focused on only one to three vectors.

Finally, the attack was also globally distributed rather than concentrated within a single geographic region, said Barranco.

It’s too early to say whether the attack represents a shift in tactics for cybercriminals or was simply an anomaly. According to Barranco, the victim of the attack said it was politically motivated, not an attempt by cybercriminals to deliver malware payloads.

Most cybercriminals lately have focused their efforts on smaller, more concentrated DDoS attacks, noted Barranco. That pattern recently shifted after DDoS attacks appeared to be on a path to doubling in size every two years, he said.

As more devices become connected to the internet, cybersecurity teams should expect to see DDoS attacks increase in size, he noted, adding that IT organizations should pay close attention to traffic patterns to detect these attacks as early as possible.

Less clear is whether future DDoS attacks might be orchestrated similarly. Attacks of this type might not only be more sustained, but could also overwhelm whatever DDoS defenses an organization has in place. As such, Akamai clearly expects more organizations will find it more expedient to rely on its network and security services to ensure the availability of web applications. The idea is that it's better to consume external resources to mitigate a DDoS attack than to combat those threats on an internal network.

In the meantime, DDoS-for-hire sites remain remarkably resilient despite law enforcement efforts to take them down. In fact, as conflicts flare up around the world, the potential for large-scale DDoS attacks grows. Those behind many of these attacks tend not to be too concerned about any collateral damage they might inflict.

There are, of course, more free DDoS services being bundled with cloud services. However, as is often the case with any free IT, the capabilities tend to be limited in terms of both support and the size of attack that can be mitigated.

Regardless of the method of defense, many organizations will clearly have to revisit their strategies as DDoS attacks become larger and more sophisticated. After all, in the age of COVID-19, it's arguable that organizations have never been more dependent on web applications than they are right now.

Security Boulevard

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
