Microsoft Azure Fought Off A MASSIVE DDoS Attack

Earlier this week, Microsoft announced that Microsoft Azure successfully fended off the largest DDoS attack on an Azure cloud customer to date:

The attack itself came from over 70,000 sources. It was orchestrated from multiple Asia-Pacific countries such as Malaysia, Vietnam, Taiwan, Japan, and China, and from the United States. 

The attack vector was a User Datagram Protocol (UDP) reflection attack. The attack lasted over 10 minutes with very short-lived bursts. Each of these bursts ramped up in seconds to terabit volumes. In total, Microsoft saw three main peaks, the first at 2.4 Tbps, the second at 0.55 Tbps, and the third at 1.7 Tbps.

In a UDP reflection attack, the attacker exploits the fact that UDP is a stateless protocol. That means the attacker can create a valid UDP request packet listing the attack target’s IP address as the UDP source IP address. It looks as if the attack is being reflected back and forth within the local network, hence the name. This relies on the UDP request packet’s source Internet Protocol (IP) address being spoofed, i.e. falsified. The attacker sends the UDP packet, which contains the spoofed source IP, to a middleman server. The server is tricked into sending its UDP response packets to the targeted victim IP rather than back to the attacker. The middleman machine helps strengthen the attack by generating network traffic that is several times larger than the request packet, thus amplifying the attack traffic.
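Seen from the target, reflected traffic is a stream of UDP responses the host never requested, arriving from many servers at once. The following detection sketch is an added example, not code from Microsoft or the original post; the flow tuple layout, the sample addresses, the port list and the `min_sources` threshold are all assumptions made for illustration.

```python
from collections import defaultdict

# UDP source ports of services often abused as reflectors (well-known ports).
REFLECTOR_PORTS = {53: "DNS", 123: "NTP", 389: "CLDAP", 1900: "SSDP", 11211: "memcached"}

# Constructed, time-ordered sample flows: (src_ip, src_port, dst_ip, dst_port, bytes).
# 198.51.100.10 is a hypothetical protected host; all IPs are documentation ranges.
SAMPLE_FLOWS = [
    ("198.51.100.10", 40000, "192.0.2.53", 53, 70),      # host's own DNS query
    ("192.0.2.53", 53, "198.51.100.10", 40000, 300),     # solicited reply, ignored
    ("203.0.113.1", 123, "198.51.100.10", 51000, 4400),  # NTP reply, never requested
    ("203.0.113.2", 123, "198.51.100.10", 51000, 4400),
    ("203.0.113.3", 123, "198.51.100.10", 51000, 4400),
    ("203.0.113.9", 53, "198.51.100.10", 52000, 3000),   # lone unsolicited DNS reply
]

def find_unsolicited(flows, protected):
    """Summarise reflector-port UDP responses that match no earlier request."""
    requested = set()  # (server_ip, server_port, client_port) the host queried
    stats = defaultdict(lambda: {"sources": set(), "bytes": 0})
    for src, sport, dst, dport, size in flows:
        if src in protected:
            # Outbound request: remember it so the reply is treated as solicited.
            requested.add((dst, dport, sport))
        elif dst in protected and sport in REFLECTOR_PORTS:
            if (src, sport, dport) not in requested:
                entry = stats[REFLECTOR_PORTS[sport]]
                entry["sources"].add(src)
                entry["bytes"] += size
    return {svc: {"sources": len(e["sources"]), "bytes": e["bytes"]}
            for svc, e in stats.items()}

def suspects(report, min_sources=3):
    """Services whose unsolicited replies come from at least min_sources servers."""
    return sorted(svc for svc, r in report.items() if r["sources"] >= min_sources)

if __name__ == "__main__":
    report = find_unsolicited(SAMPLE_FLOWS, {"198.51.100.10"})
    print(report, suspects(report))
```

A single stray response stays below the threshold, while the same service answering from several servers with no matching request is flagged.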

The fact that Microsoft was able to fend off this attack shows how resilient Microsoft’s defenses are. I got some additional commentary from Tim Grelling, Director of Innovation, Security at Core BTS:

“While there’s understandable concern surrounding the cloud during an age of incessant breaches, Azure is the most secure offering on the market, as proven by the platform’s ability to fend off this attack. Over ninety percent of Fortune 500 companies use the Azure suite of services with little issue, and this is a strong example of why. The Azure suite can be highly modified for the security needs of individual clients. This ensures that the fatal “one size fits all” approach to security isn’t an issue for Azure users, resulting in safer storage of data.”

This, in my mind, makes moving to Azure a viable option for companies moving to the cloud, as Azure is clearly capable of defending against attacks like this.
