Akamai Technologies recently revealed that Akamai mitigated the largest DDoS attack ever launched against a customer based in Asia. In a distributed denial-of-service (DDoS) attack, an attacker overwhelms its target with unwanted internet traffic so that normal traffic cannot reach its intended destination.
On February 23, 2023, Akamai mitigated the attack which recorded traffic peaking at 900.1 gigabits per second and 158.2 million packets per second. The attack was intense and short-lived, with most attack traffic bursting during the peak minute of the attack. Traffic patterns returned to normal after only a few minutes.
The attack was distributed across Akamai’s scrubbing network, with all 26 of Akamai’s fleet of scrubbing centers witnessing some amount of attack traffic. However, this was most heavily sourced from APAC (Figure 2), with the top locations being Hong Kong, Tokyo, São Paulo, Singapore, and Osaka, and forty-eight percent of traffic in-region.
Mitigation strategy
To thwart the attack and safeguard the customer, Akamai Prolexic, a cloud-based DDoS scrubbing platform, was deployed to pre-mitigate the assault. The dedicated defense platform, that scales to several times the size of the largest publicly reported attacks, was deployed after an optimized DDoS incident response plan was launched by frontline responders. Over 225 frontline responders across six global locations with decades of expertise mitigating the most sophisticated attacks for the world’s largest, most-demanding organizations, were involved to stop the attack. As a result of the proactive defense posture, there was no collateral damage for the customer.
“The recent DDoS attack that Akamai mitigated in Asia serves as an important reminder that DDoS continues to be a pervasive threat that organizations here need to pay attention to. DDoS attacks continue to ramp up in the region because virtually every business is an online business today,” explained Parimal Pandya, Managing Director, Asia Pacific and Japan, Akamai.
“Customer experiences online are negatively impacted when a DDoS attack renders a site inaccessible, and connection is compromised. This inaccessibility jeopardizes consumer trust, and consistent disruptions will see them turning to alternative avenues instead,” continued Pandya.
Guidance on minimizing DDoS risk
In the wake of heightened operational risk, having a proven DDoS mitigation strategy is imperative for online businesses to thrive. To stay ahead of the latest threats, Akamai recommends the following:
- Immediately review and implement cybersecurity recommendations and guidelines by the local government
- Review critical subnets and IP spaces and ensure that they have mitigation controls in place
- Deploy DDoS security controls in an always-on mitigation posture as a first layer of defense to avoid an emergency integration scenario and to reduce the burden on incident responders. Organizations without a trusted and proven cloud-based provider are advised to start their search for one.
- Proactively pull together a crisis response team and ensure incident response plans are up-to-date, including go-to contacts, and a runbook is available to provide guidance on procedures and operations that needs to be carried out in the event of a cyberattack.
“DDoS attacks have increased consistently in APAC, both in size and frequency, over the past couple of years and have become a serious threat to business growth and stability. As organizations across all verticals conduct their business online, attackers seek to disrupt and degrade customer experience and the reputation of these businesses for financial gain,” said Dean Houari, Director of Security Technology and Strategy, Asia Pacific and Japan, Akamai.
“Specifically, cybercriminals continue to deploy DDoS as part of multi-faceted attacks to divert customer attention from data breaches and ransomware, or to coerce ransom payments. Thus, it is critical that organizations adopt the right DDoS security solution to detect and mitigate attacks at scale, while having the right teams to monitor such attacks, as suggested in the guidance on minimizing DDoS risks,” he concluded.