With practically the entire business world moving online and into some form of cloud space, it shouldn’t be much of a surprise that companies, and specifically cloud providers have to spend significant amounts of time and effort thwarting off a variety of cyber-attacks. Amazon’s Web Services have announced in their recent Q1 2020 Quarterly report that they may have fended off one of the biggest attacks of all time (as reported by ZDNet).
According to the company, the company recently had to defend against a DDoS (Distributed Denial-of-service) attack in February with a peak traffic volume of 2.3 Tbps. An attack that it was able to mitigate through its AWS Shield service that is designed to protect customers of Amazon’s on-demand cloud computing platform from DDoS attacks and prevent their system from falling over, which is the purpose of these attacks.
To put that number into perspective, prior to February of this year, ZDNet notes that the largest DDoS attack recorded was back in March 2018, when NetScout Arbor mitigated a 1.7 Tbps attack. The previous month, GitHub disclosed that it had been hit by an attack with a peak of 1.35 Tbps. So this effort was significantly bigger than those two known attacks and apparently more than double anything amazon has ever been hit with before.
The attack that AWS fended off was a so-called “reflection attack.” Essentially what this means is that they try to use a vulnerable third-party server to amplify the amount of data being sent to a victim’s IP address. It mainly relies on exploiting CLDAP servers (what are used to connect, search and modify different cloud directory addresses and handle authentication of these) to amplify its traffic.
While a malicious attack of this size is a concern, the fact that the company was able to defend against it successfully without bringing its entire infrastructure down does show the strength that many of these cloud providers have and how in using them, companies can be saved from being attacked themselves.
Last Updated: June 22, 2020