SoylentNews

Microsoft Azure Fends Off Huge DDoS Attack

posted by martyb on Wednesday October 13 2021, @12:32AM   

upstart writes:

Microsoft Azure fends off huge DDoS Attack:

Distributed Denial of Service (DDoS) attacks are happening ever more often and growing ever bigger. At 2.4 terabits per second (Tbps), the DDoS attack Microsoft just successfully defended European Azure cloud users against could be the biggest one to date.

What we know for certain is it's the biggest DDoS attack on an Azure cloud customer. It was bigger than the previous high, 2020's Azure 1 Tbps attack, and Microsoft reported it was "higher than any network volumetric event previously detected on Azure."

[...] Microsoft isn't saying which was used in this case but it did mention DNS. Attacks exploiting DNS can produce 28 to 54 times the original number of bytes. So, if an attacker sends a request payload of 64 bytes to a DNS server, they can generate over 3,400 bytes of unwanted traffic to an attack target.

While Microsoft also didn't go into detail about how it blocked the attack, the company said Azure's DDoS protection platform, built on distributed DDoS detection and mitigation pipelines, can absorb tens of terabits of DDoS attacks: "This aggregated, distributed mitigation capacity can massively scale to absorb the highest volume of DDoS threats, providing our customers the protection they need."

---

Original Submission

• Press release or marketing? Press release or marketing? (Score: 5, Insightful) by stretch611 on Wednesday October 13 2021, @01:57AM (2 children)

  by stretch611 (6199) on Wednesday October 13 2021, @01:57AM (#1186544)

  From the Article:

  At 2.4 terabits per second (Tbps), the DDoS attack Microsoft just successfully defended European Azure cloud users against could be the biggest one to date.

  Who was targeted? We don't know. Microsoft isn't talking.

  Microsoft isn't saying which was used in this case but it did mention DNS.

  While Microsoft also didn't go into detail about how it blocked the attack, the company said Azure's DDoS protection platform, built on distributed DDoS detection and mitigation pipelines, can absorb tens of terabits of DDoS attacks

  For better, more comprehensive protection, Microsoft recommends you subscribe to Azure DDoS Protection Standard.

  So, other than tooting its own horn, Microsoft is not providing any details. It sounds more like marketing than a news story... We just protected against the largest ddos... but refuse to provide proof... but we can protect your website too if you buy our services and pay us for additional ddos protection.

  Of course what do I know... I'm just an IT guy that distrusts M$ so much that there is not a single microsoft product on any device in my home network. I am sure all the Pointy-haired bosses out there are salivating over this story, believing but not understanding every one of the numbers used in this "story" and will ask the IT guys why they are not using Azure yet because it is the greatest.

  --
  Now with 5 covid vaccine shots/boosters altering my DNA :P

  Starting Score:	1		point
  Moderation		+4
  Insightful=3, Interesting=1, Total=4
  Extra 'Insightful' Modifier		0
  Karma-Bonus Modifier		+1
  Total Score:		5

• Re:Press release or marketing? (Score: 1, Informative) by Anonymous Coward on Wednesday October 13 2021, @02:54AM

  by Anonymous Coward on Wednesday October 13 2021, @02:54AM (#1186550)

  Maybe Microsoft just has a (confidential) contract with Cloudflare.

  Back in the day, when MS was still calling Linux, "a cancer", If you did an OS fingerprint of www.microsoft.com (e.g., with nmap -A), it came back as running linux. MS was (quietly) using Akamai's reverse proxies to keep their IIS boxes from falling over.

  Parent

• Re:Press release or marketing? (Score: 0) by Anonymous Coward on Wednesday October 13 2021, @05:13AM

  by Anonymous Coward on Wednesday October 13 2021, @05:13AM (#1186588)

  But, who is going to protect them from Micro$erft??

  Parent