Microsoft Azure’s DDoS protection platform successfully mitigated unprecedented 2.4 Tbps attack

Kareem Anderson


Microsoft has warned repeatedly that cyber-attacks will rise and become more sophisticated over time, both as a victim and arbiter of protection from said attacks.

More than pontificating on the future, Microsoft has been hard at work to mitigate the effects of cyber-attacks as well as squashing them before they have a chance to bloom.

According to senior program manager for Azur Networking at Microsoft, Amir Dahan the company has quietly fended off a 2.4 Tbps DDoS attack targeting Azure customers in Europe.

The most recent DDoS attack represents a 140 percent spike over the previous record holder at 1 Tbps in Q4 of 2020. Overall, Microsoft’s Azure Networking team has reported a 25 percent increase in the total number of attacks in 2021 over 2020 but a slight decline in the maximum attack throughput of the attacks.

Azure DDoS Protections

More specifically, the 2.4 Tbps late August 2021 attack traffic, “originated from approximately 70,000 sources and from multiple countries in the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States.”

For Azure users, thankfully, Microsoft’s distributed DDoS detection can scale to absorb tens of terabits of DDoS attacks and becomes a buffer between attackers and Azure customers.

Attack mitigation lifecycle is orchestrated by our control plane logic that dynamically allocates mitigation resources to the most optimal locations, closest to the attack sources. In this case, attack traffic which originated in the Asia-Pacific region and the United States did not reach the customer region but was instead mitigated at the source countries.

In addition to scaling, Azure DDoS protections also help to mitigate damage from large attacks through its control plane logic which cuts through regular detection steps to trigger mitigating sequences.

Microsoft offers customers a chance to “enroll in DDoS Protection Standard to receive data-transfer and application scale-out service credit for resource cost incurred because of documented DDoS attacks.”

To help customers assess the value of its Azure DDoS Protection Standard solution, Microsoft offers DDoS attack telemetry and logs to reference the breadth of danger out there.