AWS Shield foiled a 2.3 Tbps DDoS attack

The AWS Shield tool made available to customers by Amazon as an integral part of its cloud offering has been able to mitigate the effect of a 2.3 Tbps DDoS attack detected in mid-February, the most impressive ever got news. The Seattle group makes it known today with the publication of the AWS Shield Threat Landscape report (link at the bottom of the article).

The largest DDoS attack ever stopped by AWS Shield It has not been revealed the identity of the target, but it is confirmed that the action manager used compromised Connection-less Lightweight Directory Access Protocol (CLDAP) servers causing three days of headaches and alerting the staff engaged on the service. The protocol in question is one of those most used in recent years by cybercriminals to expand the scope and effect of attacks, even by those who manage DDoS-for-hire services such as the now defunct vDOS.



Amazon therefore snatched the particular primacy from NETSCOUT Arbor which in March 2018 had successfully blocked another 1.7 Tbps attack. The previous month GitHub had to deal with a 1.3 Tbps action. In both cases, the managers had leveraged Memcached servers. Today, on average, such an action has a range that varies from an average of 5 Gbps to peaks of 400-500 Gbps.

Source: AWS (PDF)