Microsoft Azure customer hit by largest ever 3.47 Tbps DDoS attack

Microsoft says it mitigated a DDoS attack that lasted approximately 15 minutes against one of its Azure customers in Asia.

A Microsoft Azure cloud computing customer in Asia was a victim of a massive 3.47 Tbps DDoS attack (distributed denial of service attack) in November 2021, the software and technology giant Microsoft revealed on January 25, 2022.

The DDoS attack lasted approximately 15 minutes and included a botnet of more than 10,000 compromised IoT (Internet of Things) devices from countries across the globe. These included Iran, India, China, Russia, Taiwan, Vietnam, Thailand, Indonesia, South Korea, and the United States. 

Although it is unclear who was behind the attack, Microsoft’s report titled “Azure DDoS Protection—2021 Q3 and Q4 DDoS attack trends” dug deeper into the attack. According to the company, the attack was mitigated however the attacker employed different methods to boost the DDoS attack.

Attack vectors were UDP reflection on port 80 using Simple Service Discovery Protocol (SSDP), Connection-less Lightweight Directory Access Protocol (CLDAP), Domain Name System (DNS), and Network Time Protocol (NTP) comprising one single peak.

Alethea Toh Product Manager, Azure Networking

Microsoft’s report further disclosed that there has been a surge in DDoS attacks with the United States and

Read More: