On Monday, September 12, 2022, Akamai mitigated the largest DDoS attack ever that hit one of its European customers. The malicious traffic peaked at 704.8 Mpps and appears to originate from the same threat actor behind the previous record that Akamai blocked in July and that hit the same customer.
The following table compared the two massive DDoS attacks, it is possible to verify that while in July the number of cumulative attacks was 75, in September it jumped up to 201.
July Attack | September Attack | |
Peak pps | 659.6 Mpps | 704.8 Mpps |
Cumulative Attacks | 75 | 201 |
IPs Targeted | 512 | 1813 |
Vector | UDP | UDP |
Distribution | 1 location | 6 locations |
Date of Attack | July 21, 2022 | September 12, 2022 |
Top Scrubbing Locations | HKG, LON, TYO | HKG, TYO, LON |
Unlike the July attack, this time the attackers launched the attack against six data center locations from Europe to North America.
“On Monday, September 12, 2022, Akamai successfully detected and mitigated the now-largest DDoS attack ever launched against a European customer on the Prolexic platform, with attack traffic abruptly spiking to 704.8 Mpps in an aggressive attempt to cripple the organization’s business operations.” reads the analysis published by Akamai. “The attackers’ command and control system had no delay in activating the multidestination attack, which escalated in 60 seconds from 100 to 1,813 IPs active per minute. Those IPs were spread across eight distinct subnets in six distinct locations.”
Akamai applauded the approach adopted by its customer to mitigate DDoS attacks, after the July attack it had secured all of its 12 data centers.
“Having a proven DDoS mitigation strategy and platform in place is imperative for shielding your business from downtime and disruption” concludes the security firm.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly…
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of…
Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can…
This website uses cookies.