Akamai mitigated the largest ever PPS DDoS attack

Pierluigi Paganini June 25, 2020

Akamai announced to have mitigated a record distributed denial-of-service (DDoS) attack that hit a European bank.

Akamai revealed that a bank in Europe was hit by a massive distributed denial-of-service (DDoS) attack that peaked a record 809 million packets per second (PPS).

“On June 21, 2020, Akamai mitigated the largest packet per second (PPS) distributed denial-of-service (DDoS) attack ever recorded on the Akamai platform. The attack generated 809 million packets per second (Mpps), targeting a large European bank.” reads the post published by Akamai.

The company did not disclose the name of the bank, it only said that the attack took place on June 21.

Experts consider this attack one of the largest DDoS ones to date, even if it was just of 418Gbps.

It is a new industry record for PPS DDoS attacks, it is over double the size of the previous record attack mitigated by the Akamai platform

DDoS attacks are almost always volumetric in nature and their magnitude is generally measured in bits per second (bps). 

In contrast, PPS-focused DDoS attacks aim at overwhelming network gear and/or applications in the customer’s data center or cloud environment. They are also volumetric, but PPS attacks saturate the resources of the gear, rather than the capability of the circuits.

The experts were impressed by the peak velocity, the speed at which the DDoS attack reached its peak was impressive.

“The attack grew from normal traffic levels to 418 Gbps in seconds, before reaching its peak size of 809 Mpps in approximately two minutes. In total, the attack lasted slightly less than 10 minutes.” continues the report.

Akamai revealed that the attack lasted less than 10 minutes, the experts speculate it was launched by a new botnet due to the involvement of a high number of IP addresses involved in the attack that were observed for the first time. 96.2% of the IP addressed involved in the attacks were seen for the first time by Akamai.

“This latest attack was clearly optimized to overwhelm DDoS mitigation systems via high PPS load,” Akamai says.

The company revealed that the sent packets carried a payload of just 1 byte in a total packet size of 29 with IPv4 headers, making it appear like every other one of its several billion peers.

A couple of weeks ago, Amazon’s AWS Shield service announced it has mitigated a 2.3 Tbps DDoS attack, the largest ever, which surpassed the previous record of 1.7 Tbps that took place in March 2018.

The analysis of RPS attacks revealed that according to Amazon’s metrics, the largest attack recorded in Q1 2020 had 293.1 RPS, which is 2.7 times smaller than the attack mitigated by Akamai on Sunday.

In April 2019, Imperva mitigated an RPS DDoS attack that peaked close to 580 million PPS. In May 2019 Imperva mitigated a DDoS attack that was 652 million PPS. 

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, DDoS)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment