In its Azure blog, Microsoft points out the DDoS attack had a peak bandwidth of 2.4 terabytes per second (Tbps). This means it was 140% larger than any other previous DDoS bandwidth Microsoft has seen. Microsoft says the August attack was over within 10 minutes but included short episodes of high traffic. Those short bursts reached 2.4 Tbps, while others were recorded at 1.7 Tbps and 0.55 Tbps. Like other types of DDoS attacks, the goal was to overwhelm systems with too much traffic, causing them to go offline. Importantly, despite being a record attack, Microsoft says it was still below what Azure DDoS security features are designed to handle: “Azure’s DDoS protection platform, built on distributed DDoS detection and mitigation pipelines, can absorb tens of terabits of DDoS attacks,” explains Microsoft. “This aggregated distributed mitigation capacity can massively scale to absorb the highest volume of DDoS threats, providing our customers the protection they need.”
Azure Security in Action
Because of Microsoft’s mitigations, the customer did not see any impact from the attack, including no downtime. If the attack had worked, it would have had a significant impact and caused financial damage to the customer. “The attack traffic originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States,” explains Microsoft’s Amir Dahan, senior program manager, Azure networking. Tip of the day: Thanks to the Windows Subsystem for Linux (WSL) you can run complete Linux distributions within Windows 10. In our tutorial, we show you how to install Ubuntu or other Linux packages and how to activate the bash shell.