Almost 2Tbps: Arbor Networks foils largest-ever DDoS attack
In a world in which bigger often means better, Arbor Networks, the security division of NETSCOUT, was recently put to the test and passed with flying colours.
This is according to Bryan Hamman, Arbor Network’s territory manager for Sub-Saharan Africa who clarifies, “The world is now in the era of the terabit-sized distributed denial of service (DDoS) attack. Recently, we saw that the biggest DDoS attack ever was mitigated by Arbor Networks defences. This comes after a 1.3Tbps DDoS attack was confirmed against developer platform GitHub on 28 February, which was unavailable from 17:21 to 17:26 UTC, and intermittently unavailable from 17:26 to 17:30 UTC, due to the attack. At the time, this was the most powerful DDoS attack recorded to date.
“Just days later, during the first week of March, Arbor Networks was able to confirm that an even larger attack of 1.7Tbps – a reflection/amplification attack – was targeted at a customer of an American-based service provider and recorded by the Arbor ATLAS global traffic and DDoS threat data system. The attack was unsuccessful.”
Hamman notes that the attack was based on the same memcached reflection/amplification attack vector that made up the GitHub attack, and that no outages were reported, despite the huge size of this DDoS attack, because of the defence capabilities that the service provider had in place to protect against such an attack.
The previous record noted by ATLAS was 650Gbps towards a target in Brazil during 2016.
In a recent Arbor Networks blog, Carlos Morales, the vice president of Global Sales Engineering and Operations at Arbor Networks, writes, “While the internet community is coming together to shut down access to the many open memcached servers out there, the sheer number of servers running memcached openly will make this a lasting vulnerability that attackers will exploit. It is critically important for companies to take the necessary steps to protect themselves including implementation of best current practices described in the following Arbor Security Engineering and Response Team (ASERT) blog.”
Morales continues, “It is also very important to work with DDoS mitigation service providers, such as Arbor Cloud, that have sufficient scale and expertise to block attacks of this size. Arbor Cloud… is well equipped to handle attacks of this scale…. Until the internet community is able to adjust and make significant progress on memcached servers, we should expect terabit attacks to continue.”