Amazon Records Record 2.3Tbps Denial-Of-Service Attack

cloud security

Amazon says its AWS Shield mitigated a DDoS attack peaking at 2.3Tbps, far larger than previous assaults, amidst increasing cloud security threats

Amazon said its cloud infrastructure has fended off the largest-yet reported DDoS attack.

Amazon Web Services (AWS) said that at its peak, the February attack sent 2.3Tbps of data at its target in an effort to cause the service to crash.

Distributed denial-of-service attacks rely on large numbers of compromised systems to send malicious data at a target in order to take it offline.

The peak of the AWS attack is nearly half of what is transmitted across BT’s entire UK data networks on an average working day.

HSBC, security, hacking, ddosRecord threat

In 2018 GitHub said it had seen off a then-record DDoS attack reaching 1.3Tbps.

A few days afterward, Arbor Networks said it had recorded a 1.7Tbps attack on a US-based service provider, the largest-ever until now.

The latest attack reported by AWS represents a significantly more aggressive threat.

Amazon said its AWS Shield anti-DDoS service had mitigated the threat against an unnamed website or online service.

It said the attack was 44 percent larger than anything the service had seen before and had triggered three days of “elevated threat” status.

AWS Shield, along with Akamai and Cloudflare, are services that aim to absorb DDoS traffic and allow sites to remain online while they are under attack.

Takedown

Such attacks can be launched by criminals in order to extort money from their targets or for other purposes.

A study by Dutch and German academics published last year found that a 2018 takedown by the FBI targeting 15 so-called “booter” DDoS services had been largely ineffective.

The takedown led to only a “temporary reduction in attack traffic”, while one booter service was able to quickly continue operations by using a new domain for its website, the researchers said.

They advised authorities to focus on patching the vulnerable systems that allow attackers to build up their DDoS networks.

Dutch police said in April they had shut down 15 DDoS networks that had targeted government services offering information on Covid-19.