Akamai Mitigates Record DDoS Attack in Asia-Pacific (900 Gbps)
Following last summer’s record-setting attacks on Europe, the distributed denial-of-service (DDoS) threat landscape continues to morph and intensify.
On February 23, 2023, at 10:22 UTC, Akamai mitigated the largest DDoS attack ever launched against a Prolexic customer based in Asia-Pacific (APAC), with attack traffic peaking at 900.1 gigabits per second and 158.2 million packets per second.
In line with current trends, the attack was intense and short-lived, with most attack traffic bursting during the peak minute of the attack. Traffic patterns returned to normal after only a few minutes (Figure 1).
Distributed across our scrubbing network
The attack was distributed across our scrubbing network, but was most heavily sourced from APAC (Figure 2). No individual scrubbing center saw more than 12% of the total traffic, with the top locations being Hong Kong, Tokyo, São Paulo, Singapore, and Osaka. Forty-eight percent of traffic was in-region. All 26 of our ever-expanding fleet of scrubbing centers saw some amount of attack traffic.
Mitigation strategy
Without the right defenses, even a robust, modern network would likely collapse under an assault of this magnitude, making any online business that’s reliant on that connection completely inaccessible. That inaccessibility can jeopardize consumer trust, result in financial loss, and have other serious ramifications.
To thwart the attack and safeguard our customer, Akamai Prolexic employed its industry-leading combination of platform, people, and processes to pre-mitigate the assault:
Platform: a dedicated defense capacity that scales to several times the size of the largest publicly reported attacks
People: more than 225 frontline responders across six global locations with decades of expertise who mitigate the most sophisticated attacks for the world’s largest, most-demanding organizations
Process: optimized DDoS incident response plans through custom runbooks, service validation, and operational readiness drills
No collateral damage
There was no collateral damage thanks to our proactive defense posture for this customer.
In the wake of heightened operational risk, having a proven DDoS mitigation strategy is imperative for online businesses to thrive. To stay ahead of the latest threats, employ the following recommendations.
Guidance on minimizing DDoS risk
Immediately review and implement Cybersecurity and Infrastructure Security Agency (CISA) recommendations.
Review critical subnets and IP spaces, and ensure that they have mitigation controls in place.
Deploy DDoS security controls in an always-on mitigation posture as a first layer of defense to avoid an emergency integration scenario and to reduce the burden on incident responders. If you don’t have a trusted and proven cloud-based provider, get one now.
Proactively pull together a crisis response team and ensure runbooks and incident response plans are up-to-date:
For example, do you have a runbook to deal with catastrophic events?
Are the contacts within the playbooks updated? A playbook that references outdated tech assets or people who have long left the company isn’t going to help.
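One way to carry out the subnet review in the guidance above, as an added example that is not Akamai's code. It assumes you maintain two lists, your critical prefixes and the prefixes actually routed through DDoS mitigation, and it reports the portion of each critical prefix that no protected prefix covers. The function name and all prefixes (documentation ranges) are constructed for illustration.

```python
import ipaddress

# Constructed sample data (RFC 5737 / RFC 3849 documentation ranges).
CRITICAL = ["198.51.100.0/24", "192.0.2.64/26", "2001:db8:10::/48"]
PROTECTED = ["198.51.100.0/26", "198.51.100.64/26", "192.0.2.0/24"]


def find_gaps(critical, protected):
    """Map each critical prefix to the sub-prefixes not covered by mitigation.

    Fully covered prefixes are omitted from the result. Partial coverage is
    handled by carving each protected prefix out of what is still uncovered.
    """
    protected_nets = [ipaddress.ip_network(p) for p in protected]
    gaps = {}
    for prefix in critical:
        net = ipaddress.ip_network(prefix)
        remaining = [net]
        for prot in protected_nets:
            if prot.version != net.version:
                continue  # IPv4 and IPv6 prefixes cannot cover each other
            still_open = []
            for block in remaining:
                if block.subnet_of(prot):
                    continue  # block is entirely behind mitigation
                if prot.subnet_of(block):
                    # Protected prefix is a strict part of this block:
                    # keep only the pieces outside it.
                    still_open.extend(block.address_exclude(prot))
                else:
                    still_open.append(block)  # disjoint, nothing changes
            remaining = still_open
        if remaining:
            merged = ipaddress.collapse_addresses(remaining)
            gaps[prefix] = [str(n) for n in merged]
    return gaps


if __name__ == "__main__":
    for prefix, uncovered in find_gaps(CRITICAL, PROTECTED).items():
        print(f"{prefix}: no mitigation for {', '.join(uncovered)}")
```

An empty result means every critical prefix sits entirely behind a protected prefix; anything listed is address space that would face an attack without mitigation in the path.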
Additional information
For additional information on the steps you can take to protect your organization, please check out the following CISA resources: