A new distributed denial-of-service (DDoS) attack that took place on Monday, September 12, has broken the previous record that Akamai recorded recently in July.
DDoS attacks are cyberattacks that flood servers with fake requests and garbage traffic, rendering them unavailable to legitimate visitors and customers.
The cybersecurity and cloud services company Akamai reports that the recent attack appears to originate from the same threat actor, meaning that the operators are in the process of empowering their swarm further.
The victim is also the same as in July, an unnamed customer in Eastern Europe who has been “bombarded relentlessly” by the DDoS operatives all this time.
On September 12, these attacks culminated at unprecedented levels when the “garbage” traffic sent to the target network peaked at 704.8 Mpps, roughly 7% higher than the July attack.
Apart from the volume of the attack, the threat actors also expanded their targeting, which was previously rather narrow, focusing on the company’s primary data center.
This time, the threat actors spread their firepower to six data center locations in Europe and North America.
Additionally, Akamai detected and blocked 201 cumulative attacks, compared to 75 in July, and recorded traffic sources from 1813 IPs, compared to 512 previously.
“The attackers’ command and control system had no delay in activating the multidestination attack, which escalated in 60 seconds from 100 to 1,813 IPs active per minute,” comments Akamai in the report.
This expansion in the targeting scope aims at hitting resources that are not prioritized as critical and thus inadequately protected but whose downtime will still cause trouble to the firm.
“An attack this heavily distributed could drown an underprepared security team in alerts, making it difficult to assess the severity and scope of the intrusion, let alone fight the attack.” – Akamai
The particular company, however, had taken precautions due to the July attack and had secured all their 12 datacenters, resulting in 99.8% of the malicious traffic being pre-mitigated.
The motivation behind these persistent and massive-scale attacks remains unknown, but the region of Eastern Europe has been at the epicenter of hacktivism since the start of the year.