Micron21 mitigates handfuls of Layer 3 to 7 DDoS attacks daily, with the most common attack size peaking at less than 1gbit, typically lasting several hours. Once or twice a week we observe a 10gbit to 20gbit attack towards our customer networks or infrastructure which always gets the attention of our NOC team however on extremely rare occasions we mitigate an attack worth writing a review on.
On Thursday the 14th of January 2016 Micron21 successfully mitigated a multi vector DDoS attack which peaked at 90 Gbit in speed, which represents the largest attack we have mitigated to date.
This extremely large attack lasted a duration of 2 hours targeting an Australian hosting provider which was protected by our Micron21 Soak and Scrub Service. The attack starting slow at 10 Gbit in size during the first hour, then rapidly increased over the course of 30 minutes peaking at 90 Gbit maximum speed before reducing to 40 Gbit to 50 Gbit until the attack ended. The attack consumed 23TB of inbound data in two hours!
The attack peaked at 350 million packets per minute or 5.8 million packets per second. Natually as peak speed increased so did packets per second.
Multi Vector Attack - Domain, Port 0 and NTP
The source of the attack traffic was a mixture of different protocols towards the targeted host. The attack consisted majority of Domain, NTP and Port 0 traffic, all of which are common trends seen in layer 3 UDP Flood DDoS attacks. The purpose of using multiple vectors are to increase the size of the attack towards the host.
So where did the unwanted attack traffic come from?
Assuming the traffic was not spoofed and was either reflection traffic or direct traffic from compromised hosts below is a list of the top 26 source IP’s which we observed contributed to the attack. If you see a source IP address which you recognise in the below list, we would highly recommend you investigate security on your network / server.
If you’d like more information on our premium DDoS services, don’t hesitate to get in touch or visit our services page to learn more. We offer a variety of packages to suit your business requirements.