Amazon said it was exposed to the largest DDoS attack ever seen at 2.3 Tbps in February, the attack being alleviated and defended by AWS Shield.
Amazon is one of the largest companies in the world and such a company is naturally frequently targeted by attacks. Sharing the security report for the first quarter of 2020, the company announced that it was facing the biggest DDoS attack ever recorded and that Amazon Web Services (AWS) successfully resisted the attacks.
Amazon stated that the attack took place in February and has a huge traffic volume of 2.3 Tbps. The company alleged that the attack was alleviated by AWS Shield, a service designed to protect cloud computing platform customers from DDoS attacks, malicious bots, and application vulnerabilities.
Amazon announces successfully fending off biggest DDoS attack so far
It was reported that the record attack on Amazon was a “reflection attack”. As Cloudflare explains, attackers use an unprotected third-party server to increase the amount of data sent to the victim’s IP address in the reflection attack. The attack is actually based on exploiting the CLDAP servers to increase traffic. Normally, attacks on this protocol are used to access and organize shared directories over the internet.
Although difficult to resist, attacks of this scale rarely occur. Amazon revealed that the biggest attacks it saw between the second quarter of 2018 and the fourth quarter of 2019 are less than 1 Tbps, and 99% of the attacks in the first quarter of this year are 43 Gbps or smaller. ZDNet points out that attacks in 2018 take advantage of a new Memcached attack vector, but states that since then internet service providers and content distribution networks have been working to secure Memcached servers.