European bank suffers biggest PPS DDoS attack, new botnet suspected

by certadmin

A bank in Europe was the target of a huge distributed denial-of-service (DDoS) attack that sent to its networking gear a flood of 809 million packets per second (PPS).

The attack can easily be a contender for the largest DDoS incident to date, despite not being a bandwidth-intensive attack, with a footprint of just 418Gbps.

DDoS attack differentiate according to the method used to bring down the target. Their intensity is measured in bits per second (BPS), packets for second (PPS), or requests per second (RPS).

BPS attacks aim to exhaust the internet pipeline, PPS are directed at network devices or apps in datacenter/cloud, and RPS attacks target an edge server that runs a web application.

Fast and furious

The record DDoS attack was mitigated by Akamai on Sunday, June 21. The company did not disclose the name of the customer defended against the take down, referring to them as a large European bank.

The incident lasted for a short time and increased in intensity in just a couple of minutes. It took seconds to get from normal traffic levels to 418 Gbps.

About two minutes passed until the flood grew to its peak of 809 million packets per seconds. In all, the attack lasted less than 10 minutes, Akamai says in a blog post today.

Suspected of this operation is a new botnet emerging from the underground. This conclusion is based on the high number of IP addresses involved in the attack that were seen for the first time. 96.2% of them were unknown to Akamai until now.

Akamai says that for the duration of the incident, more the platform recorded more than 600 times the normal amount of IP addresses normally seen for the customer.

Largest PPS DDoS attack

Akamai believes that this is a new industry record in terms of PPS-focused attacks. Compared to previous largest attack recorded by the platform, which was 385 million PPS, this incident was more than double.

“This latest attack was clearly optimized to overwhelm DDoS mitigation systems via high PPS load,” Akamai says, adding that sent packets carried a payload of just 1 byte in a total packet size of 29 with IPv4 headers, thus hiding it among several billion peers.

Wireshark
source: Akamai

The largest BPS DDoS attack published to date has reached the impressive scale of 2.3Tbps and its mitigation is claimed by Amazon’s AWS Shield service. Compared to this, the 418Gbps blocked by Akamai seems like the little league.

Looking from the PPS perspective though, things are different. Amazon’s metrics show that the largest such attack recorded in Q1 2020 had 293.1 RPS, which is 2.7 times smaller than what Akamai mitigated on Sunday.

Before Akamai’s report today, Imperva recorded the largest publicly known PPS DDoS attack on April 30, 2019. The peak was close to 580 million packets per second.

To read the original article:

https://www.bleepingcomputer.com/news/security/european-bank-suffers-biggest-pps-ddos-attack-new-botnet-suspected/

Top

Interdit de copier  ce contenu