Microsoft: DDoS Attacks Are Lasting Longer

In the second half of 2021 Microsoft’s Azure DDoS Protection had one its busiest seasons, successfully fending off a growing onslaught of daily attacks and the largest distributed denial-of-service (DDoS) attack. The company’s accumulated data indicates that DDoS attacks are growing increasingly sophisticated, thereby allowing them to last longer. 

Most of the attacks the company observed in 1H2021 were short-lived, usually 30 minutes or less. During the third and fourth quarter, however, it “saw a rise in attacks that lasted longer than an hour, with the composition more than doubling from 13 percent to 27 percent,” read a Microsoft press release. Moreover, DDoS attacks are becoming more elaborate. The largest attack yet registered 3.47 terabits per second (Tbps), involved 4 vectors and about 10,000 endpoints from around the globe, most likely consumer devices laden with malware and controlled by a remote server.

"This was a distributed attack originating from approximately 10,000 sources and from multiple countries across the globe, including the United States, China, South Korea, Russia, Thailand, India, Vietnam, Iran, Indonesia and Taiwan," said Alethea Toh, Product Manager, Azure Networking.

These types of attacks are significant because cybercriminals capitalize on the growing prevalence of compromised devices to use them as conduits to overwhelm their targets. In other words, since these types of attacks are coming from thousands of endpoints simultaneously, it enhances the impact of the attack while providing a veil of anonymity. Consequently, there has been a sharp rise in DDoS attacks with Microsoft Azure batting away an average of 1,955 attacks per day, a 40 percent increase from the first half of 2021.  More troubling however, is how common large scale DDoS attacks are becoming with Azure reporting two attacks above 2.4 Tbps in October and an additional three since then. 

Nevertheless, the report considered other possible causations such as the holiday season and the digital transformation, which has contributed to greater smartphone penetration. Moreover, the company’s success allowed it to confidently relay to its consumers that it is capable of mitigating these threats.  

“In these cases, our customers do not have to worry about how to protect their workloads in Azure, as opposed to running them on-premises. Azure’s DDoS protection platform, built on distributed DDoS detection and mitigation pipelines, can scale enormously to absorb the highest volume of DDoS attacks, providing our customers the level of protection they need.”