LONDON—A massive distributed denial-of-service attack generating 809 million packets per second was recently directed against a large European bank, according to the security firm Akamai.
Akamai researchers call the incident a “strong indicator that DDoS attacks are still an important attack vector for cybercriminals and should remain a top security concern for companies.”
The previous known record for this type of DDoS attack is 500 million packets per second in a January 2019 incident, Bank Info Security stated, citing data from Imperva.
In the European bank incident, which was launched against an Akamai customer that the company didn't identify, analysts were surprised at how fast the attack scaled, jumping from a normal traffic level of 418 GB per second to 809 million packets per second in just two minutes, with the entire attack lasting for less than 10 minutes, according to the report.
The ‘Unusual Aspect’
The company helped the bank mitigate the attack, so there was no disruption to the bank's network or services and no damage to its infrastructure, said Roger Barranco, vice president of Akamai's global security operations.
“One unusual aspect of this attack was the botnet army used against the bank's network appeared to be new. Akamai notes that over 96% of the IP addresses utilized against the bank had not been used in other recent attacks,” Bank Info Security explained.
"We had observed a number of different attack vectors coming from the 3.8% of remaining source IPs, both matching the single attack vector seen in this attack and aligned to others. In this case, most of the source IPs could be identified within large internet service providers via autonomous system lookups, which is indicative of compromised end-user machines," Thomas Emmons, a principal product architect with Akamai, noted in the report.