Microsoft revealed last month that it had thwarted one of the largest cyber attacks in its history.
The tech giant said it was able to fend off a massive distributed denial-of-service (DDoS) attack involving 70,000 computers, most of them scattered across Asia.
The attack targeted one of its customers in Europe, via the company’s Azure cloud computing service, and was 140 percent higher than the highest attack bandwidth size Microsoft recorded in 2020.
DDoS attacks work by flooding the victim’s system with “internet traffic”, in an attempt to overload it and force it to go offline.
They are usually carried out through a network of devices that have been compromised with malicious software so that they can be controlled remotely.
Microsoft said this latest attack flooded its systems with 2.4 terabytes of data every second (Tbps) – much larger than the 1Tbps attack late last summer.
It lasted for more than 10 minutes, with short-lived bursts of traffic peaking at 2.4 terabytes per second, 0.55 terabytes per second, and finally 1.7 terabytes per second.
To put the numbers in context, one terabyte is 1,000 gigabytes, which equates to hundreds of 4K movies.
It’s very difficult to flood a system with this amount of data every second, but Azure was able to stay online throughout thanks to its ability to absorb tens of terabytes of DDoS attacks.
“Attacks of this scale demonstrate the ability of bad actors to wreak havoc by flooding targets with massive traffic volumes in an attempt to throttle network capacity,” said Amir Dahan of Microsoft, Senior Program Manager, Azure Networking. “The attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia Pacific region, such as Malaysia, Vietnam, Taiwan, Japan and China, as well as from the United States.”
Microsoft did not name the Azure client that was targeted, but said it was able to prevent the attack.
Such attacks can also be used as cover for secondary attacks that try to spread malware and infiltrate company systems.
Dahan added, “Given Azure’s global uptake and advanced mitigation logic, the customer did not experience any impact or downtime. If the customer is operating in their own data center, significant financial damage is likely to be incurred, along with any intangible costs.”
Microsoft said it also detected a 25% increase in the number of DDoS attacks since the last quarter of 2020.
Despite being one of the biggest attacks on Microsoft, it wasn’t the biggest DDoS attack ever.
In 2017, Google managed to block a massive 2.54 terabytes per second attack that was part of a “six-month campaign” that used “multiple methods of attack”.
Microsoft also fell victim to a massive ransomware attack, which spread to the computer systems of hundreds of private companies and public organizations around the world in May 2017.
Hospitals and doctors’ offices in England were forced to turn away patients and cancel appointments after the attack that paralyzed the NHS.