Stories
Slash Boxes
Comments

SoylentNews is people

Microsoft Azure Customer Hit by Largest 3.47 Tbps DDoS Attack

posted by martyb on Saturday January 29 2022, @12:55PM   Printer-friendly

upstart writes:

Microsoft Azure customer hit by largest 3.47 Tbps DDoS attack:

A Microsoft Azure cloud computing customer in Asia was a victim of a massive 3.47 Tbps DDoS attack (distributed denial of service attack) in November 2021, the software and technology giant Microsoft revealed on January 25, 2022.

The DDoS attack lasted approximately 15 minutes and included a botnet of more than 10,000 compromised IoT (Internet of Things) devices from countries across the globe. These included Iran, India, China, Russia, Taiwan, Vietnam, Thailand, Indonesia, South Korea, and the United States.

Attack vectors were UDP reflection on port 80 using Simple Service Discovery Protocol (SSDP), Connection-less Lightweight Directory Access Protocol (CLDAP), Domain Name System (DNS), and Network Time Protocol (NTP) comprising one single peak.

Alethea Toh Product Manager, Azure Networking

Microsoft's report further disclosed that there has been a surge in DDoS attacks with the United States and India being prime targets. The company noted that Hong Kong has also become a popular hotspot for attackers however there has been a decrease in DDoS activity in Europe.

[...] A DDoS attack involves sending a huge amount of illegal traffic from compromised machines to the intended target and therefore disrupting them completely. The system can crash and lead to a massive loss of data, particularly, in the case of companies that host a significant amount of information regarding their clients and customers.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Microsoft Azure Customer Hit by Largest 3.47 Tbps DDoS Attack | Log In/Create an Account | Top | 22 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1) by Sabriel on Monday January 31 2022, @12:02PM

    by Sabriel (6522) on Monday January 31 2022, @12:02PM (#1217185)

    > There is no such thing. If sending a lot of packets is illegal, then spam should be illegal as well. Everyone driving to lambeau field for a packer game should be illegal.

    Sending a lot of packets can be legal or illegal much like shooting a lot of bullets can be, it depends on the circumstances, but maybe you can explain why you plugging little Timmy full of holes weren't illegal to the judge better than I can. I don't think "coz he said he liked the packers" is gonna cut it.

    > If I send a packet to your server and it crashes, not my fault, you shouldn't be accepting packets. If I send you a letter, and your mailbox falls down, not my fault either. Get a better mailbox.

    Did you miss that that paragraph was providing a simpler explanation for less IT savvy folks, or did you just accidentally delete your empathy this morning? Whether one calls it a "crash" or describes it properly, for some weird reason I got a little hunch most systems wouldn't just no-sell a DDoS like that.