AWS Shield, the Amazon department tasked with defending AWS from malicious attacks, successfully held off a 2.3Tbps distributed denial-of-service (DDoS) attack in February.
The attack is the largest ever recorded, with the previous title-holding campaign reaching only 1.7Tbps. Today's average DDoS attack, meanwhile, peaks at roughly 500GBps.
The details of this latest attack and how it was mitigated were described in an AWS Threat Landscape Report. Although AWS Shield did not disclose the name of the company under attack, it said the assault was carried out by hijackeding the CLDAP (Connection-less Lightweight Directory Access Protocol) and took three days to contain.
According to ZDNet, hijacking CLDAP isn’t exactly a novel practice. It’s been abused since late 2016, and CLDAP servers reportedly amplify DDoS traffic by up to 70 times.
Distributed denial-of-service is a growing threat, especially with the emergence of the Mirai botnet. Mirai is a malware that targets network devices, such as IP cameras and home routers, and uses them to contribute to large scale attacks.
With the number of IoT devices growing by the minute and the inevitable adoption of 5G on the horizon, the potential of IoT-fueled DDoS attacks is enormous.