How The Largest European DDoS Attack Was Blocked

Summary Of The Attack

  • On July 21, 2022, Akamai detected and mitigated the largest DDoS attack up to this point, which was launched against a publicly unnamed Akamai European customer.
  • The attack lasted over 14 hours, with traffic peaking at 853.7 Gbps and 659.6 Mpps, and targeted an Akamai European customer.
  • The most significant DDoS attack type was a UDP flood, in which a large number of UDP packets are sent to a target with the aim of overwhelming the target device's ability to process and respond.
  • To mitigate the risk, choose the proper DDoS solution, identify what assets should be protected, identify the business impact, and define the procedure and dedicated team to respond to an attack.

What Happened?

DDoS (Distributed Denial-of-Service) attacks have become a real problem, especially for companies, government institutions, and similar organizations.

As long as there is an active internet connection, the threat of DDoS attacks is always present.

After the largest DDoS attack, caused by the Mantis botnet in June 2022 and mitigated by Cloudflare, Akamai detected and mitigated on July 21, 2022 the largest DDoS attack up to this point, which was launched against a publicly unnamed Akamai European customer.

What Was The Impact?

Akamai detected and mitigated the attacks on its Prolexic platform, which provides protection against a broad range of DDoS attack types and includes 20 anycast global scrubbing centers and more than 10 TBps of dedicated network capacity.

Within each scrubbing center, proactive mitigation controls drop all detected abnormal traffic at short notice and route legitimate traffic onward.

How This Attack Happened

The attack lasted over 14 hours, with traffic peaking at 853.7 Gbps (gigabits per second) and 659.6 Mpps (million packets per second). It targeted a large scope of the Akamai European customer's IP addresses, which made it the largest horizontal attack mitigated on the Prolexic platform.

Akamai revealed that its customer was targeted 75 times within a 30-day time frame, with multiple types of attacks.

The most significant DDoS attack type was a UDP flood, in which a large number of UDP (User Datagram Protocol) packets are sent to a target with the aim of overwhelming the target device's ability to process and respond. In the following figures, the UDP flood was observed in both record spikes.

The first figure shows the packet rate, which reached a maximum of 659.6 Mpps during the attack.

[Figure: maximum number of packets per second, reaching 659.6 Mpps during the attack]

The second figure shows the highest attack peak, which reached 853.7 Gbps.

[Figure: highest attack peak, reaching 853.7 Gbps]

Other observed DDoS attack types were UDP fragmentation, ICMP flood, RESET flood, SYN flood, TCP anomaly, TCP fragment, PSH ACK flood, FIN push flood, and PUSH flood.
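
A horizontal attack spreads the flood across a large scope of destination addresses, so a rate check on each address alone can stay silent while the aggregate is large. The following is an added example, not code from the article or from Akamai; the flow records, address ranges, and thresholds are constructed assumptions. It counts UDP packets per destination address and per /24 prefix for one second of traffic.

```python
import ipaddress
from collections import Counter

# Thresholds are illustrative assumptions, not values from Akamai or the article.
HOST_PPS_LIMIT = 10_000      # UDP packets per second to a single address
PREFIX_PPS_LIMIT = 100_000   # UDP packets per second to a single /24

def build_sample_window():
    """Constructed one-second window of (dst_ip, protocol, packets) flow records."""
    flows = []
    # Horizontal UDP flood: 200 addresses in one /24, each below the host limit.
    for host in range(1, 201):
        flows.append((f"203.0.113.{host}", "udp", 4_000))
    # Ordinary traffic to an unrelated service.
    flows.append(("198.51.100.10", "tcp", 6_500))
    flows.append(("198.51.100.10", "udp", 300))
    return flows

def udp_pps_by_host(flows):
    """Sum UDP packets per destination address."""
    totals = Counter()
    for dst, proto, packets in flows:
        if proto == "udp":
            totals[dst] += packets
    return totals

def udp_pps_by_prefix(flows, prefix_len=24):
    """Roll the per-address UDP totals up to the covering prefix."""
    totals = Counter()
    for dst, pps in udp_pps_by_host(flows).items():
        net = ipaddress.ip_network(f"{dst}/{prefix_len}", strict=False)
        totals[str(net)] += pps
    return totals

def over_limit(totals, limit):
    """Return only the keys whose packet rate exceeds the limit."""
    return {key: pps for key, pps in totals.items() if pps > limit}

def analyze(flows):
    """Return (per-address alerts, per-prefix alerts) for one window."""
    host_alerts = over_limit(udp_pps_by_host(flows), HOST_PPS_LIMIT)
    prefix_alerts = over_limit(udp_pps_by_prefix(flows), PREFIX_PPS_LIMIT)
    return host_alerts, prefix_alerts

if __name__ == "__main__":
    hosts, prefixes = analyze(build_sample_window())
    print("per-address alerts:", hosts)
    print("per-prefix alerts:", prefixes)
```

On the constructed window no single address crosses its limit, while the /24 that carries the spread-out flood does, which is why the review of critical IP subnets recommended below should include aggregate baselines as well as per-address ones.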

Mitigating DDoS Risk

Today, without proper automated DDoS defenses, critical business operations would likely collapse under an attack of similar scale, making the online business completely inaccessible and causing financial and reputational loss.

Recommendations for mitigating DDoS risk include:

  • Choose the proper DDoS solution based on your business scale to keep service up and running.
  • Identify what assets should be protected from DDoS attacks, which can include web applications, APIs, DNS servers, origin servers, data centers, and network infrastructure.
  • Identify the business impact and the operational, financial, regulatory, and reputational costs that would be incurred from a loss.
  • Design a robust architecture by placing data servers on separate networks, and review critical IP subnets to prevent a single point of failure.
  • Define a procedure and a dedicated team to respond to an attack at short notice.
  • Identify an acceptable time to respond to an attack and perform proper mitigation.
  • Maintain a DDoS runbook, which allows the organization, when needed, to carry out a controlled, streamlined response to an attack.

Article by

Jason Firch, MBA
Jason is a proven marketing leader, veteran IT operations manager, and cybersecurity expert with over a decade of experience. He is the founder and CEO of PurpleSec.