The largest packet per second distributed denial-of-service (DDoS) attack of the year has been detected.
DDoS protection technology vendor Prolexic said the attack mitigated was the largest DDoS attack event in 2011 in terms of packets-per-second (PPS) volume, and it was targeted at "a large Asian customer and its DNS service provider".
Prolexic CTO Paul Sop said the attack, occurring between 5 and 12 November, was three times larger in PPS volume than the biggest attack it had mitigated previously, reaching 69 million PPS, a bandwidth of 45Gbps and 15,000 connections per second.
He said: “These are attack rates that no standalone automated DDoS mitigation appliance or service from an ISP or major carrier would be able to successfully mitigate. Attackers used six different attack signatures during the event, including a combination of bandwidth-driven Layer 3 and targeted Layer 7 attacks aimed at the organisation's critical application layer.
“Frankly, we are not surprised since we have seen an almost four-fold increase in packet volume since Q3 2010. This increase reflects an emerging strategy in which attackers directly target a company's DDoS mitigation appliances, which are commonly vulnerable to such attacks as they cannot handle such high PPS rates.”
Using its proprietary mitigation tools and live monitoring strategy, Prolexic said it identified a randomised attack consisting of the largest volume of GET, SYN, ICMP, UDP and DNS floods launched in a single campaign this year. It also identified that the attack was coming from botnets in multiple worldwide locations and, unlike typical DDoS attacks that are co-ordinated from one geographic source, this attack was done so globally.
Prolexic said it mitigated a total of four separate DDoS attacks over the course of the event, which lasted seven days and 20 hours.