The record-breaking DDoS attack that took place on February 23, 2023, has broken the previous record that the U.S.-based cloud and cybersecurity company recorded in September last year, with attack traffic peaking at 900.1 gigabits per second (Gbps) and 158.2 million packets per second (PPS).

For those unaware, a DDoS attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers, in order to make an online service, network resource, or host machine unavailable. A DDoS attack uses more than one unique IP address or machine, often from thousands of hosts infected with malware.

According to Akamai, the attack was intense and short-lived, and was fully pre-mitigated, with most attack traffic bursting during the peak minute of the attack, which matches the current trends in the DDoS space. The attack was distributed across the company’s scrubbing network but was most heavily sourced from APAC. No individual scrubbing center saw more than 12% of the total traffic, with many ending up in the Hong Kong, Tokyo, São Paulo, Singapore, and Osaka centers. Most of the attack traffic (48%) was in-region.

How Does Akamai’s Scrubbing Network Work?

When a DDoS attack against a client website is detected, all incoming site traffic is rerouted to one or more of Akamai’s global data centers. Malicious traffic is then “scrubbed” before the remaining clean traffic is routed back to the client’s network.

“Without the right defenses, even a robust, modern network would likely collapse under an assault of this magnitude, making any online business that’s reliant on that connection completely inaccessible. That inaccessibility can jeopardize consumer trust, result in financial loss, and have other serious ramifications,” said Akamai senior product manager Chris Sparling in a blog post.
To prevent the attack and safeguard its customer, Akamai said it used its industry-leading combination of platform, people, and processes to pre-mitigate the assault with no direct or collateral damage. The company added that it used more than 225 frontline responders across six global locations with decades of expertise to mitigate the attack.

With the increase in DDoS attacks and the “unprecedented innovation” in the threat landscape, it is imperative for online businesses to have a DDoS mitigation strategy. Akamai recommends the following to minimize DDoS risk:
- Immediately review and implement Cybersecurity and Infrastructure Security Agency (CISA) recommendations.
- Review critical subnets and IP spaces, and ensure that they have mitigation controls in place.
- Deploy DDoS security controls in an always-on mitigation posture.
- Proactively pull together a crisis response team and ensure runbooks and incident response plans are up-to-date.
Akamai has previously dealt with major DDoS attacks against large European customers. In September 2022, the company successfully detected and mitigated a DDoS attack against a European customer on the Prolexic platform, with attack traffic abruptly peaking at 704.8 Mpps.