Akamai shares details of Asia’s record-breaking DDoS attack
Cloud company Akamai has revealed details of the largest recorded DDoS attack ever launched against a customer based in Asia.
The attack, which lasted only a few minutes, peaked at a staggering 900.1 gigabits per second and 158.2 million packets per second, making it one of the most intense and short-lived attacks in recent times.
In a DDoS attack, the attacker floods the target's network with unwanted internet traffic, rendering it inaccessible to legitimate users. To counter the attack and safeguard its customers, Akamai Prolexic, a cloud-based DDoS scrubbing platform, was deployed to pre-mitigate the assault. This dedicated defence platform, which can scale to several times the size of the largest publicly reported attacks, was activated after an optimised DDoS incident response plan was launched by frontline responders.
Over 225 frontline responders across six global locations, with decades of expertise mitigating the most sophisticated attacks for the world's largest, most-demanding organisations, were involved in stopping the attack. The attack was distributed across Akamai's scrubbing network, with all 26 of Akamai's scrubbing centres witnessing some amount of attack traffic.
However, most of the attack traffic was heavily sourced from the Asia Pacific (APAC) region, with the top locations being Hong Kong, Tokyo, São Paulo, Singapore, and Osaka, and 48% of the traffic in-region.
Akamai reported no collateral damage for the customer. The attack traffic patterns returned to normal after a few minutes, and the customer's services were restored without disruption.
DDoS attacks ramp up in region
"The recent DDoS attack that Akamai mitigated in Asia serves as an important reminder that DDoS continues to be a pervasive threat that organisations here need to pay attention to. DDoS attacks continue to ramp up in the region because virtually every business is an online business today," says Parimal Pandya, Managing Director, Asia Pacific and Japan, Akamai.
"Customer experiences online are negatively impacted when a DDoS attack renders a site inaccessible and connection is compromised. This inaccessibility jeopardises consumer trust, and consistent disruptions will see them turning to alternative avenues instead," says Pandya.
In the wake of heightened operational risk, having a proven DDoS mitigation strategy is imperative for online businesses to thrive. To stay ahead of the latest threats, Akamai recommends the following:
- Immediately review and implement cybersecurity recommendations and guidelines issued by the local government
- Review critical subnets and IP spaces and ensure that they have mitigation controls in place
- Deploy DDoS security controls in an always-on mitigation posture as a first layer of defence to avoid an emergency integration scenario and to reduce the burden on incident responders. Organisations without a trusted and proven cloud-based provider are advised to start their search for one.
- Proactively pull together a crisis response team and ensure incident response plans are up to date, including go-to contacts, and that a runbook is available to provide guidance on the procedures and operations that need to be carried out in the event of a cyberattack.
"DDoS attacks have increased consistently in APAC, both in size and frequency, over the past couple of years and have become a serious threat to business growth and stability. As organisations across all verticals conduct their business online, attackers seek to disrupt and degrade customer experience and the reputation of these businesses for financial gain," says Dean Houari, Director of Security Technology and Strategy, Asia Pacific and Japan, Akamai.
"Specifically, cybercriminals continue to deploy DDoS as part of multi-faceted attacks to divert customer attention from data breaches and ransomware, or to coerce ransom payments,” says Houari. “Thus, it is critical that organisations adopt the right DDoS security solution to detect and mitigate attacks at scale, while having the right teams to monitor such attacks, as suggested in the guidance on minimising DDoS risks.”