A new distributed denial-of-service (DDoS) attack beat Akamai’s previous record set in July.
According to Akamai, the attack appears to have originated from the same threat actor as July’s record-breaking attack, implying that the operators are in further boosting their swarm. Akamai is a cybersecurity and cloud services firm.
The target is the same as in July: an anonymous client in Eastern Europe whose operations have been constantly hammered by DDoS. DDoS attacks are cyberattacks that overwhelm servers with bogus requests and junk traffic, leaving them inaccessible to genuine visitors and customers.
Escalation
The attacks reached record heights on September 12, when junk traffic transmitted to the targeted system peaked at 704.8 Mpps, nearly 7 percent more than the July attack. Akamai detected and prevented 201 attacks in total (up from 75 in July) and documented traffic sources from 1813 IPs (up from 512).
Aside from the sheer magnitude of the attack, the threat actors broadened their previously restricted targets, concentrating on the company’s principal datacenter. The threat actors targeted six datacenter sites in Europe and North America this time around.
Akamai’s observations
Akamai reports that the attackers’ command and control systems showed no delay in starting the multidestination assault, which escalated from 100 to 1,813 IPs active per minute in 60 seconds. The attackers intended to hit capabilities that are not considered vital, and are therefore not as well secured, but would nevertheless cause problems for the victim.
However, because of the July assault, the corporation had taken preparations and safeguarded all 12 datacenters, leading to 99.8 percent of attack traffic being pre-mitigated. The rationale for these continuous and large-scale attacks is unknown, though Eastern Europe has been at the forefront of hacktivism since the beginning of the year.