Cybersecurity firm Akamai mitigates one of the largest DDoS attacks against a customer

A record number of distributed denial-of-service (DDoS) attacks have targeted individuals and institutions across Europe, Asia, and the United States. The threat actors behind these attacks have evolved, using sophisticated tools and strategies to compromise victims.

Akamai mitigates one of the largest DDoS attacks

Akamai mitigated the largest attack ever targeting one of its customers on February 23. The DDoS attack targeted a Prolexic customer in the Asia-Pacific region, according to a statement by the company. The traffic in this campaign peaked at 900.1 gigabits per second and 158.2 million packets per second.

“In line with current trends, the attack was intense and short-lived, with most attack traffic bursting during the peak minute of the attack. Traffic patterns returned to normal after only a few minutes,” a statement from the company said.

Akamai said the attack was distributed across its scrubbing network, but the campaign was heavily sourced from APAC. The company also added that none of the individual scrubbing centers recorded over 12% of the total traffic. Most of the traffic went to Hong Kong, Osaka, Sao Paulo, Singapore, and Tokyo scrubbing centers.

48% of the traffic directed towards Akamai’s customer was in-region, with the company adding that all 26 of its large number of scrubbing centers recorded a significant amount of attack traffic from the threat actors behind this campaign.

In the announcement about this attack, Akamai also said it had employed the right defenses to mitigate against such DDoS campaigns. It noted that despite their robustness, modern networks usually succumb to large DDoS attacks.

DDoS campaigns can cripple the activities of organizations because they can do online businesses that rely on such connections to be inaccessible. This lack of accessibility can affect customers’ trust in a business, and it could result in financial loss, among other negative effects for the targeted organization.

Akamai also provided a list of the things that the company had done to mitigate this DDoS campaign and ensure that its customer’s systems did not suffer a major disturbance or go offline despite the magnitude of the attack. The company attributed the successful mitigation to platform, people and processes.

In terms of platform, Akamai said that it had employed a dedicated defense system with the capacity to scale to several times the size of the largest attack that has ever been reported publicly.

Akamai also has a strong team behind its operations. The company has more than 225 people situated across six global locations. This team has years of expertise, and they are tasked with mitigating some of the most sophisticated attacks targeting the most-demanding organizations globally.

In terms of process, Akamai said that it optimized the DDoS incident response using custom runbooks, service validation and regular drills to ensure that the platform was ready for operations.

The platform added that there was no collateral damage on the matter because of the proactive defense measures that had been adopted by the company. Additionally, the company noted that the increased operational risk had proven that having the proper DDoS mitigation strategy was key towards business success.

Protecting businesses against DDoS attacks

Akamai has also shared several recommendations that can be used by businesses that want to avoid falling victim to DDoS campaigns that might cripple their organizations. Some of the recommendations that Akamai gave to these companies could guarantee that despite being targeted by hackers, they have the right systems in place to mitigate the attacks.

Akamai has urged businesses to review and install the recommendations that have been proposed by the Cybersecurity and Infrastructure Security Agency (CISA). CISA has been instrumental in helping businesses protect themselves against cybersecurity attacks that could jeopardize their operations.

The cybersecurity company has also called for the review of critical subnets and IP spaces to guarantee that the appropriate mitigation measures are put in place. Additionally, deploying DDoS security controls is also a mitigation strategy that will set up the first layer of defense to lower the burden on the responders to these incidences.

Being proactive in these circumstances is also recommended. Proactiveness can be achieved by putting together a crisis response team and ensuring that runbooks and incident response plans are kept up to date. Playbooks can help an organization ensure that all its tech assets are kept up to date and that the team is also current and will help the company identify and mitigate against DDoS attacks before they wreak havoc.