Akamai has announced that it mitigated the largest packer per second (PPS) DDoS attack ever recorded on its platform.
The attack, which targeted a large European bank, generated 809m packets per second (Mpps). Akamai believes this is a new industry record for a PPS-focused attack as it is more than double the size of the previous high-water mark on its platform.
DDoS attacks are usually volumetric in nature and are generally measured in bits per second (bps). While a traditional DDoS attack aims to overwhelm the inbound traffic by sending more traffic to a circuit than it is designed to handle, PPS-focused attacks are designed to overwhelm the network gear or applications in a user’s data center or cloud environment.
Both kinds of attacks are volumetric but PPS attacks exhaust the resources of the gear as opposed to the capability of the circuits. These kinds of attacks are also much less common than BPS attacks.
PPS-focused DDoS attack
What was unique about the packets being sent in the massive DDoS attack mitigated by Akamai is the fact that there was also a massive increase in the amount of source IP addresses used. The number of source IPs that registered traffic to the company’s customer increased substantially during the attack. Akamai saw upward of 600x the number of source IPs per minute compared to what it normally observes for this customer destination.
The vast majority of the attack traffic was sourced from IPs that have not yet been recorded in any attacks this year and the company believes this could indicate an emerging botnet. It was highly unusual that 96.2 percent of source IPs were observed for the first time.
The attack ,which occurred at the end of June, was remarkable not only for its size but also because of the speed at which it reached its peak. The attack grew from normal traffic levels to 418 Gbps in seconds before reaching its peak size of 809 Mpps in just two minutes. In total, the attack lasted for just less than 10 minutes. A large European bank was targeted in the attack and according to Akamai’s research, financial services is a frequently targeted industry vertical.
After a long period of decline, DDoS attacks have resurfaced and cybercriminals recently launched the largest DDoS attack ever at 2.3 Tbps targeting AWS.