Amazon Web Services Fights Off Massive DDoS Attack

Amazon’s Shield protection service says that it successfully defended itself against the biggest Distributed Denial of Service (DDoS) attack ever recorded. Amazon said its AWS Shield service mitigated the largest DDoS attack ever recorded, stopping a 2.3 Tbps attack in mid-February this year. Distributed denial of service (DDoS) attacks are designed to knock a website offline by flooding it with huge amounts of requests until it crashes. 

In a formal report about its DDoS protection service, AWS Shield, the company said the peak of the attack had been 44% larger than anything the service had seen before and resulted in a three-days of "elevated threat" status. Amazon did not identify what website or online service had been targeted by the attack. 

A DDoS attack is when a cyber attacker floods a website with bot traffic so it is overloaded and has to be taken offline.
According to a regular report from Amazon’s AWS Shield division, which is specifically designed to safeguard Amazon cloud customers against DDoS attacks, the effort topped out at 2.3 terabits per second. AWS Shield, the security service that protects applications running on AWS cloud from DDoS attacks, blocked a 2.3TB per second (Tbps) attack in February. According to the BBC, the previous record, set in 2018, was 1.7Tbps.

Details of the attack were published in AWS’s Q1 Threat Report, which said that the attack was “approximately 44% larger than any network volumetric event previously detected on AWS.” It caused 3 days of elevated threat.

DDoS Attacks Surge As A Consequence Of Covid-19
Technology company Neustar has warned of a dramatic rise in DDoS attacks during the Covid-19 pandemic, with the company mitigating more than twice the number of attacks as in first quarter 2019. Non-profit organisations have also been particularly affected.

According to Cloudflare, DDoS attacks against US anti-racism advocacy groups increased 1,120-fold between 26 May and 01 June compared with the last week in April.

As news of AWS’s record breaking DDoS attack emerges, global content delivery network Akami also reported a significant attack. During the first week of June 2020, it mitigated an attack against an internet hosting provider, the largest the company has seen at 1.44Tbps

According to Cloudflare, 92 percent of the DDoS attacks mitigated by the service in the first quarter of 2020 were under 10 Gbps and another 47 percent were evens smaller – under 550 megabits per second.

The previous record for the largest DDoS attack ever recorded was of 1.7 Tbps, mitigated by NETSCOUT Arbor in March 2018 and prior to that, the biggest DDoS attack ever recorded was a 1.3Tbps DDoS attack that hit GitHub, a month before, in February 2018.

Amazon Web Services:       Brinkwire:       Verdict:         ZDNet:          BBC

You Might Also Read

The Future Of Ransomware Is In The Cloud:

 

 

« How Hackers Invade Your Computer
Companies Are Coughing Up Ransom To Recover Their Data »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Snort

Snort

Snort is an open source intrusion prevention system capable of real-time traffic analysis and packet logging.

Avatu

Avatu

Avatu specialise in providing clients the advice, technology and tools they need to fight cyber and insider threats.

APrivacy

APrivacy

APrivacy provides information and communication security products for the financial services industry.

Sensible Vision

Sensible Vision

SensibleVision helps organizations transparently protect data and prevent costly security breaches by constantly verifying the identities of people who use computers or mobile devices.

GulfTalent

GulfTalent

GulfTalent is the leading job site for professionals in the Middle East and Gulf region covering all sectors and job categories, including cybersecurity.

GuardRails

GuardRails

GuardRails provides continuous security feedback that empowers developers to find, fix, and prevent vulnerabilities.

Cyber Security Cloud (CSC)

Cyber Security Cloud (CSC)

Cyber Security Cloud provides web application security services worldwide using world's leading cyber threat intelligence and AI technology.

AuthLite

AuthLite

With AuthLite, you can keep using all your existing software, with added two-factor authentication security placed exactly where you need it.

Pyxsoft PowerWAF

Pyxsoft PowerWAF

Pyxsoft PowerWAF responds to the problem of business cybersecurity. We protect our clients' websites and data against attacks and exploitation of all kinds of vulnerabilities.

Pentest Limited

Pentest Limited

Pentest Limited provide information security consultation, penetration testing & red teaming services to companies across the globe.

Sikich

Sikich

Sikich LLP is a leading professional services firm specializing in accounting, advisory, technology and managed services.

Cybertronium

Cybertronium

Cybertronium is a leader in managing cyber risk. We bring you the latest from the complex, ever-evolving online threat environment with the insights to inspire and the expertise to act.

BCyber

BCyber

BCyber is a Swiss Cyber Security company that provides security products, training, and managed services to protect diverse IT and OT environments against cyber, physical, and cyber-physical threats.

CyberconIQ

CyberconIQ

CyberconIQ provide an integrated Human Defense Platform that reduces the probability and/or the cost of a cybersecurity breach by measurably improving our clients risk posture and compliance culture.

Womble Bond Dickinson

Womble Bond Dickinson

Womble Bond Dickinson is a transatlantic law firm, providing high-quality legal experience and outstanding personal service from key locations across the United Kingdom and United States.