On Monday, September 12, 2022, Akamai mitigated the largest DDoS attack ever that hit one of its European customers. The malicious traffic peaked at 704.8 Mpps and appears to originate from the same threat actor behind the previous record that Akamai blocked in July and that hit the same customer.
The following table compared the two massive DDoS attacks, it is possible to verify that while in July the number of cumulative attacks was 75, in September it jumped up to 201.
July Attack | September Attack | |
Peak pps | 659.6 Mpps | 704.8 Mpps |
Cumulative Attacks | 75 | 201 |
IPs Targeted | 512 | 1813 |
Vector | UDP | UDP |
Distribution | 1 location | 6 locations |
Date of Attack | July 21, 2022 | September 12, 2022 |
Top Scrubbing Locations | HKG, LON, TYO | HKG, TYO, LON |
Unlike the July attack, this time the attackers launched the attack against six data center locations from Europe to North America.
“On Monday, September 12, 2022, Akamai successfully detected and mitigated the now-largest DDoS attack ever launched against a European customer on the Prolexic platform, with attack traffic abruptly spiking to 704.8 Mpps in an aggressive attempt to cripple the organization’s business operations.” reads the analysis published by Akamai. “The attackers’ command and control system had no delay in activating the multidestination attack, which escalated in 60 seconds from 100 to 1,813 IPs active per minute. Those IPs were spread across eight distinct subnets in six distinct locations.”
Akamai applauded the approach adopted by its customer to mitigate DDoS attacks, after the July attack it had secured all of its 12 data centers.
“Having a proven DDoS mitigation strategy and platform in place is imperative for shielding your business from downtime and disruption” concludes the security firm.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]