Akamai Technologies detected a Distributed Denial of Service (DDoS) attack on a website in early June.
The “fake visitor flood” attack measured 1.44 terabits per second and 385 million packets per second. “The largest volumetric attack faced by Akamai,” wrote Dark Reading on Wednesday (June 16, 2020).
Akamai is a leading content delivery network (CDN) and cloud security provider. It also offers DDoS attack mitigation services.
Akamai did not disclose the name of the targeted company. Another attack that it monitored reached 500 gigabytes per second. Although the attacks were separate, the two websites were hosted by the same web hosting provider.
However, Akamai’s Vice President of Global Security Operations, Roger Barranco, said it appeared that the attack had another motive and was not aimed at the hosting provider.
“The different types of data used in the attack, along with significant signs of coordination, suggest the attackers were knowledgeable,” he said.
This DDoS attack was different from most attacks, Barranco said, because it used more than nine types of traffic, far more than the two or three types used in typical attacks.
“And the traffic spike lasted about an hour,” he said, adding that most attacks were measured in minutes.
“It’s been a long time since we’ve seen an attack that long and that large,” Barranco said.
Over the past 24 months, the average DDoS attack has been around 250,000 packets per second, according to Akamai’s State of the Internet (SOTI) report.
Very few attacks have spiked much above that average, according to Akamai. Security firm Imperva also recorded an attack of 500 million packets per second in early 2019.
“What’s really different in this case is the coordination,” Barranco said.
“The actors were able to get their hands on some tools. It didn’t come from one region. That means someone had the capability or the tools to do that level of attack.”
Akamai said it quickly responded to the DDoS attack. “Most of the attacks were contained within seconds, but it took about 10 minutes to get 100 percent contained,” Barranco said.
To that end, he recommends that companies learn about their traffic patterns and what traffic is needed for their business before they are targeted.
“A lot of companies don’t have a good handle on their traffic patterns,” he said.
“If you get hit with a DDoS, you have a good chance of mitigating it, but you also have a good chance of mitigating the good traffic,” he added.