My TechDecisions

Compliance, IT Infrastructure, Network Security

Microsoft Says It Mitigated Largest Ever DDoS Attack

Company says DDoS attacks skyrocketed in second half of 2021, as gaming, VoIP and ISPs were targeted heavily.

Leave a Comment

Largest DDoS Attack

Microsoft says it recently mitigated a 3.47 Tbps DDoS attack with a packet rate of 340 million packets per second, which would make it the largest such attack in history.

In an Azure blog, Microsoft says the November 2021 attack targeted an Azure customer in Asia that originated from about 10,000 sources from multiple countries, including the U.S., China, South Korea, Russia, Thailand, India, Vietnam, Iran, Indonesia and Taiwan.

“We believe this to be the largest attack ever reported in history,” the company’s blog reads.

That massive DDoS attack paints the picture of the second half of 2021, which the company says was fraught with similar attacks against gaming services, VoIP services and other targets.

According to Microsoft, attack vectors were “UDP reflection on port 80 using Simple Service Discovery Protocol (SSDP), Connection-less Lightweight Directory Access Protocol (CLDAP), Domain Name System (DNS), and Network Time Protocol (NTP) comprising one single peak, and the overall attack lasted approximately 15 minutes.”

The company says it mitigated an average of 1,955 attacks per day, a 40% increase from the first half of 2021. The company mitigated a total of 359,713 unique DDoS attacks against its global infrastructure in the second half of 2021, a 43% increase from the first half.

The company mitigated other very large DDoS attacks, including a 2.4 Tbps attack in October.

December also saw two ore attacks that surpassed 2.5 Tbps, both of which were in Asia.

Most of the attacks were short-lived, but the proportion of attacks that were 30 minutes or less dropped from 74% to 57%, and attacks that lasted longer than an hour doubled, from 13% to 27%.

Microsoft says UDP spoof floods became the top DDoS attack vector in the second half of 2021, making up 55% of all attacks, a 16% increase from earlier in the year.

The second-most common vector was TCP ACK floods and DNS amplification.

Aside from gaming—which was the hardest hit industry—other common targets are financial institutions, media, internet service providers, retail and supply chain, Microsoft says.

While the U.S. remains the most targeted nation, Microsoft reports a sharp uptick in India and other East Asia countries.

Read Microsoft’s Azure blog for more information on DDoS attack trends.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ