Microsoft says it mitigated a DDoS attack that lasted approximately 15 minutes against one of its Azure customers in Asia.

A Microsoft Azure cloud computing customer in Asia was a victim of a massive 3.47 Tbps DDoS attack (distributed denial of service attack) in November 2021, the software and technology giant Microsoft revealed on January 25, 2022.

The DDoS attack lasted approximately 15 minutes and involved a botnet of more than 10,000 compromised IoT (Internet of Things) devices from countries across the globe. These included Iran, India, China, Russia, Taiwan, Vietnam, Thailand, Indonesia, South Korea, and the United States.

Although it is unclear who was behind the attack, Microsoft’s report titled “Azure DDoS Protection—2021 Q3 and Q4 DDoS attack trends” dug deeper into the attack. According to the company, the attack was mitigated; however, the attacker employed different methods to boost the DDoS attack.

Attack vectors were UDP reflection on port 80 using Simple Service Discovery Protocol (SSDP), Connection-less Lightweight Directory Access Protocol (CLDAP), Domain Name System (DNS), and Network Time Protocol (NTP) comprising one single peak.

Alethea Toh, Product Manager, Azure Networking
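
As an added illustration (not from Microsoft's report or this article), here is one way a defender could pick the reflection vectors named above out of flow records: reflected replies arrive from the abused service's well-known UDP source port. The record fields, thresholds and sample flows are assumptions constructed for the example.

```python
from collections import defaultdict

# Well-known UDP source ports of the reflector services named in the report.
REFLECTOR_PORTS = {1900: "SSDP", 389: "CLDAP", 53: "DNS", 123: "NTP"}

def classify(flow):
    """Return the reflection vector name for a flow record, or None."""
    if flow["proto"] != "udp":
        return None
    # Reflected replies come FROM the service port; the destination port
    # (80 in the reported attack) is the one the spoofed request claimed.
    return REFLECTOR_PORTS.get(flow["src_port"])

def summarize(flows, dst_port=80, window_s=60, min_reflectors=3, min_mbps=1.0):
    """Aggregate per (victim, vector); flag pairs that exceed both thresholds.

    Thresholds are illustrative assumptions, not values from the report.
    """
    stats = defaultdict(lambda: {"bytes": 0, "reflectors": set()})
    for f in flows:
        vector = classify(f)
        if vector is None or f["dst_port"] != dst_port:
            continue
        entry = stats[(f["dst_ip"], vector)]
        entry["bytes"] += f["bytes"]
        entry["reflectors"].add(f["src_ip"])
    alerts = {}
    for key, entry in stats.items():
        mbps = entry["bytes"] * 8 / window_s / 1e6
        if len(entry["reflectors"]) >= min_reflectors and mbps >= min_mbps:
            alerts[key] = {"mbps": round(mbps, 2),
                           "reflectors": len(entry["reflectors"])}
    return alerts

def _flow(src_ip, src_port, nbytes, proto="udp"):
    return {"src_ip": src_ip, "src_port": src_port, "proto": proto,
            "dst_ip": "203.0.113.10", "dst_port": 80, "bytes": nbytes}

# Constructed one-minute sample using documentation address ranges.
SAMPLE_FLOWS = (
    [_flow(f"198.51.100.{i}", 1900, 3_000_000) for i in range(1, 6)]  # SSDP
    + [_flow(f"192.0.2.{i}", 123, 4_000_000) for i in range(1, 5)]    # NTP
    + [_flow("192.0.2.200", 53, 20_000_000)]    # single DNS source: not flagged
    + [_flow("192.0.2.202", 389, 500)]          # tiny CLDAP reply: not flagged
    + [_flow("192.0.2.201", 51514, 900_000_000, proto="tcp")]  # normal web flow
)

if __name__ == "__main__":
    for (victim, vector), info in summarize(SAMPLE_FLOWS).items():
        print(victim, vector, info)
```
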

Microsoft’s report further disclosed that there has been a surge in DDoS attacks, with the United States and India being prime targets. The company noted that Hong Kong has also become a popular hotspot for attackers; however, there has been a decrease in DDoS activity in Europe.

Microsoft Azure customer hit by largest 3.47 Tbps DDoS attack
Credit: Microsoft

What happens in a DDoS attack?

A DDoS attack involves sending a huge amount of illegitimate traffic from compromised machines to the intended target, thereby disrupting it completely. The system can crash, leading to a massive loss of data, particularly in the case of companies that host a significant amount of information regarding their clients and customers.

Previous largest DDoS attacks

It is worth noting that prior to Microsoft’s disclosure on Tuesday, some of the largest publicly reported DDoS attacks ever included a 2.3 Tbps DDoS attack in February 2020 on an Amazon Web Services (AWS) Shield DDoS protection service customer. The attack was successfully mitigated by the company.

In August 2020, Microsoft fended off a 2.4 Tbps DDoS attack against one of its Azure customers. The attack originated from a botnet comprising 70,000 compromised IoT devices.

On October 16th, 2020, Google revealed that it mitigated a 2.54 Gbps DDoS attack. According to Google, the attack took place in September 2017 and was carried out by a state-sponsored threat actor in China.


Posted by Charlie