Akamai mitigates record DDoS attack in Asia Pacific (900 GBps)

Akamai mitigates record DDoS attack in Asia Pacific (900 GBps) 

March 9, 2023 – Following last summer’s record-breaking attacks on Europe, the distributed denial-of-service (DDoS) threat landscape continues to change and intensify. 

On February 23, 2023 at 10:22 UTC, Akamai mitigated the largest DDoS attack ever launched against Prolexic customers in the Asia Pacific (APAC) region, with attack traffic reaching 900.1 gigabits per second and 158.2 million packets per second Peak.

Consistent with current trends, attacks are strong and short-duration, with most attack traffic bursting out during the peak attack period. After only a few minutes, traffic patterns returned to normal (Figure 1).

  Figure 1: The attack is powerful, short-duration, and fully pre-mitigated

Distributed across our cleaning network

Attacks are distributed across our cleaning network, but primarily originate from the Asia-Pacific region (Figure 2). No single cleaning center accounts for more than 12% of total traffic, with the top locations being Hong Kong, Tokyo, Sao Paulo, Singapore and Osaka. 48% of traffic is within the zone. All 26 of our growing scrubbing centers experience a certain amount of attack traffic.

  Figure 2: Attacks are distributed across our cleaning network, but primarily originate from the Asia-Pacific region

Mitigation strategies

Without the right defenses, even robust modern networks can collapse under an attack of this scale, rendering any online business that relies on that connection completely inaccessible. This inaccessibility can jeopardize consumer trust, lead to financial losses, and have other serious consequences.  

To stop attacks and protect our customers, Akamai Prolexic employs its industry-leading combination of platforms, people, and processes to preemptively mitigate attacks: 

•Platform: A specialized defense capability that scales to multiple times the size of the largest publicly reported attacks

•People: More than 225 frontline responders in six locations around the world bring decades of expertise mitigating the most sophisticated attacks for the world's largest and most demanding organizations

•Process: Optimize DDoS incident response plans with custom runbooks, service verification, and operational readiness drills

no collateral damage

Because we adopted an aggressive defensive posture for this client, there was no collateral damage.

As operational risks increase, having an effective DDoS mitigation strategy is imperative for your online business to thrive. To stay ahead of the latest threats, use the following recommendations.

A guide to minimizing DDoS risks

•Immediately review and implement Cybersecurity and Infrastructure Security Agency (CISA) recommendations. 

•Examine critical subnets and IP spaces and ensure they have mitigation controls in place.

•Deploy DDoS security controls as the first layer of defense with an always-on mitigation posture to avoid emergency integration scenarios and reduce the burden on incident responders. If you don’t have a trusted and proven cloud-based provider, get one now. 

•Proactively convene the crisis response team and ensure operations manuals and incident response plans are up to date: 

oFor example, do you have an operations manual for handling a catastrophic event? 

oHave the contacts in the script been updated? Referring to outdated technology assets or the playbook of people who have been away from the company for a long time will not help.

Additional Information

For more information about steps you can take to protect your organization, check out the following CISA resources:

•Understanding and mitigating Russian government-sponsored cyber threats to U.S. critical infrastructure

•Shielding (steps to reduce cybersecurity risks)

•CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure