• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
IT Infrastructure, Managed Service, Network Security

AWS Says it Mitigated Largest Ever DDoS Attack in February

Amazon Web Services said it stopped a massive mid-February DDoS attack which some are calling the largest ever recorded DDoS attack.

June 18, 2020 Zachary Comeau Leave a Comment

DDoS, NETSCOUT Arbor Insight

Amazon Web Services said it stopped a massive mid-February DDoS attack, the largest ever recorded, according to some media reports.

In a Q1 AWS Shield threat landscape report, the company disclosed web attacks that were prevented and mitigated by AWS Shield, Amazon’s cybersecurity service.

The targeted customer wasn’t identified in the report, but AWS said the attackers exploited CLDAP web servers and caused three days of “elevated threat” levels for its staff.

In Q1 2020, a known UDP reflection vector, CLDAP reflection, was observed with a previously unseen volume of 2.3 Tbps. This is approximately 44% larger than any network volumetric event previously detected on AWS. CLDAP reflection attacks of this magnitude caused 3 days of elevated threat during a single week in February 2020 before subsiding. Despite this observation, smaller network volumetric events are far more common. The 99th percentile event in Q1 2020 was 43 Gbps.

Read Next: Relax — There Was No Large-Scale DDoS Attack

According to ZDNet, CLDAP (Connection-less Lightweight Directory Access Protocol) is an alternative to Microsfot’s LDAP protocol and is used to connect, search and modify internet-shared directories.

That protocol has been exploited for DDoS attacks for several years and are known to amplify DDoS traffic by 56 to 70 times its initial size, making it a common target for DDoS-for-hire services, ZDNet reported.

The previous record for the largest DDoS attack ever recorded was 1.7 Tbps, ZDnet said, citing a report from NETSCOUT.

In the report, AWS said mitigating those threats is best achieved when following best practices.

Larger attacks, like the 2.3 Tbps CLDAP reflection attack … described in this report, are lower frequency, high severity threats that are best mitigated when you are closely adhering to the best practices. This can also help protect applications against complex or multi-vector attacks that are often lower volume, but are more challenging to identify or mitigate.

In addition to utilizing other AWS security solutions, the cloud provider recommends reducing the attack surface, keeping software current, managing remote access and monitoring the application.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Related Content:

  • InfoComm Logo InfoComm 2023 Show to Spotlight Emerging Technologies
  • MOVEit vulnerability, zero-day, Progress Software Act Now: Vulnerability in Progress Software’s MOVEit Transfer…
  • iPhone security bug, Apple, Kaspersky Kaspersky Discovers New 0-Click iOS Exploit
  • C919 The Cyberattacks and Insider Threats During The Development…

Free downloadable guide you may like:

  • Download TechDecisions' Blueprint Series report on Security Awareness now!Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

    Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared to defend against them in this report from TechDecisions' Blueprint Series.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Download TechDecisions' Blueprint Series report on Security Awareness now!
Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared t...

Workplace Collaboration Tools for Corporate Spaces
Workplace Collaboration Tools for Corporate Spaces

From lobbies and shared spaces to conference rooms and multipurpose facilities, you need high-performing AV technology to effectively share informa...

ChatGPT, generative AI, enterprise, workplace
Blueprint Series: ChatGPT and Generative AI in the Workplace

This latest release of the TechDecisions Blueprint Series explores the new phenomenon of tools such as ChatGPT and how IT leaders should go about d...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.