AWS mitigates largest DDoS attack ever at 2.3 Tbps

Get a free Techzine subscription!

Amazon Web Services successfully mitigated a 2.3 Tbps DDoS attack in February this year. It is the largest DDoS attack ever performed.

AWS published this data in its Q1 2020 threat report. The attack lasted a total of three days and was eventually mitigated by AWS Shield, a service designed to protect customers from DDoS attacks and other vulnerabilities. The company did not specify what the target of the attackers was or where the attack originated.

The DDoS attack used CLDAP Reflection. In the case of a reflection attack, cybercriminals use a vulnerable third-party server to amplify the amount of data sent to the victim’s IP address. This attack mainly uses CLDAP servers which are typically used to access shared folders on the Internet. These servers can increase the size of DDoS attacks by 56 to 70 times, which makes this protocol very popular for cybercriminals trading in DDoS services. According to ZDNet, these attacks have been taking place since 2016.

A new record

The DDoS attack of 2.3 Tbps is the largest attack ever carried out. To put the attack in perspective, the largest recorded DDoS attack until now took place in 2018 when NetScout Arbor was facing a 1.7 Tbps attack. Prior to that, GitHub was hit by a 1.35 Tbps attack.

According to Amazon, most DDoS attacks don’t even come close to what they experienced in February. In the first quarter of this year, 99 percent of DDoS attacks that targeted AWS were 43 Gbps or less.