Akamai said it mitigated the largest European DDoS attack on record

2 Aug 2022

Image: © Melinda Nagy/Stock.adobe.com

Akamai said the DDoS attack reached a peak of 659m packets per second, but was ‘pre-mitigated’ with no collateral damage to the victim.

Akamai Technologies said it recently detected the largest distributed denial-of-service (DDoS) attack Europe has seen to date.

The US cloud and security company said one of its customers in Eastern Europe on the Prolexic platform was targeted 75 times over a 30-day period with horizontal attacks.

A DDoS attack is an attempt to make an online service unavailable by overwhelming it with high volumes of data from multiple sources.

Akamai said this record-breaking attack targeted a “swathe of customer IP addresses”. It was detected on 21 July and quickly peaked in traffic within 14 hours. The attack campaign reached 659m packets per second (PPS) and eventually had a volume of 853GB per second.

Typically, multiple compromised computer systems are used as sources of attack traffic in a DDoS attack. Based on the attack traffic, Akamai said the threat actors appear to have leveraged a “highly sophisticated, global botnet of compromised devices” to orchestrate this attack.

“Without the right defences, even a robust, modern network would likely collapse under an assault of this magnitude, making any online business that’s reliant on that connection completely inaccessible,” said Akamai senior product manager Chris Sparling in a blogpost.

Akamai said it used a combination of technology, people and processes to “pre-mitigate the assault with no collateral damage”. The company added that it used more than 225 frontline responders across six global locations.

The tech company said the risk of DDoS attacks has “never been greater” with “unprecedented innovation” in the threat landscape. The Akamai report listed several recommendations for organisations to mitigate these attacks.

These include reviewing critical subnets and IP spaces to ensure they have mitigation controls, creating a crisis response team and deploying DDoS security controls in an “always-on” mitigation posture.

DDoS attacks appear to be growing more intense and sophisticated. In June, internet infrastructure company Cloudflare said it mitigated a record-breaking DDoS attack that generated more than 212m requests from more than 1,500 networks in less than 30 seconds.

In March, Akamai said DDoS attackers are using a new attack vector that provides a record-breaking amplification ratio of nearly 4.3bn to one. A higher amplification ratio makes it easier for attackers to overwhelm systems with fewer packets.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic