Microsoft Azure Mitigated A 10-Minute-Long 2.4 Tbps DDoS Attack

13/10/2021

When things are put in the cloud, processes that include building, testing, deploying, and managing apps and services can be centralized for better control and security.

Microsoft is one of a few cloud giants offering such services to customers. Through Azure, the tech giant delivers cloud services from Microsoft-managed data centers.

This time, Microsoft said that it was able to mitigate a 2.4 terabits per second (Tbps) Distributed Denial-of-Service (DDoS) attack in August. The attack targeted an Azure customer in Europe, and was 140% higher than the highest attack bandwidth volume Microsoft recorded in 2020.

The attack, which lasted more than 10 minutes, came in short bursts of traffic, with the first reaching the maximum throughput of 2.4 Tbps and the subsequent bursts going up to 0.55 Tbps and 1.7 Tbps.

DDoS traffic on this scale is considered among the biggest DDoS attacks in recorded history to date.

2.4 Tbps DDoS attack
Credit: Microsoft

“The attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States,” explained Amir Dahan, a senior program manager for Microsoft’s Azure networking team, in a blog post.

Cyberattacks have become increasingly common and highly sophisticated.

One of the most common types of cyberattack is a DDoS. This method floods a target's system with internet traffic in order to overload its resources and force the system offline.

DDoS attacks are usually performed using botnets, which are networks of machines that have been compromised with malware so that they can be controlled remotely.

These attacks can be used to target websites, computer servers and also individual internet users.

Anything that can connect to the internet can be at risk of a DDoS attack.

"Attacks of this size demonstrate the ability to wreak havoc," said Microsoft's Amir Dahan, "by flooding targets with gigantic traffic volumes trying to choke network capacity."

The company said that Azure managed to block the attack on the customer.

"In this case, attack traffic which originated in the Asia-Pacific region and the United States did not reach the customer region," Amir said, "but was instead mitigated at the source countries."

Microsoft said that it has also detected a 25% increase in the number of attacks since the last quarter of 2020.

While the number of DDoS attacks on Azure has increased in 2021, the maximum attack throughput had declined to 625 Mbps before this 2.4 Tbps attack happened. Microsoft did not name the Azure customer in Europe that was targeted, but such attacks can also be used as cover for secondary attacks that attempt to spread malware and infiltrate company systems.

Microsoft worries that the incident shows DDoS attacks are becoming increasingly powerful.

This can cause problems during the digital transformation that has accelerated significantly during the COVID-19 pandemic.

"Bad actors, now more than ever, continuously look for ways to take applications offline. Therefore, organizations should give their utmost attention to developing a robust DDoS response strategy [...]."

"Whether in the cloud or on-premises, every organization with internet-exposed workloads is vulnerable to DDoS attacks."