Amazon has revealed that its AWS Shield service was able to mitigate the largest DDoS attack ever recorded at 2.3 Tbps back in February of this year.
The company’s new AWS Shield Threat Landscape report provided details on this attack and others mitigated by its AWS Shield protection service.
While the report did not identify the AWS customer targeted in the DDoS attack, it did say that the attack itself was carried out using hijacked CLDAP (Connection-less Lightweight Directory Access Protocol) web servers and lasted for three days.
Since late 2016, this protocol has often been used in DDoS attacks as CLDAP servers can amplify DDoS traffic by 56 to 70 times is initial size. CLDAP is also a highly sought-after protocol by cybercriminals and it is provided by many DDoS-for-hire services.
The DDoS attack mitigated by AWS Shield in February of this year now holds the record for the largest of its kind yet.
The previous record is held by a 1.7 Tbps attack which was mitigated by Netscout Arbor back in March of 2018 and a month before that, GitHub was hit with a 1.3 Tbps DDoS attack.
Both the Netscout and GitHub DDoS attacks abused Memcached servers which were exposed on the internet in order to reach massive bandwidths. During that time, Memcached was a new DDoS attack vector and cybercriminals abused over 100,000 Memcached servers.
Recently though, DDoS attacks have declined in both number and frequency as a result of ISPs, content delivery networks and other internet businesses working together to secure vulnerable Memcached systems. However, Kaspersky released a report last year that said DDoS attacks were on the rise as more DDoS-for-hire websites were launched.
These days DDoS attacks usually peak at around 500 Gbps and are much smaller in scale. The recent attack mitigated by Amazon is an outlier and hopefully doesn’t become the norm going forward.