{"id":36984,"date":"2020-06-30T10:40:14","date_gmt":"2020-06-30T10:40:14","guid":{"rendered":"https:\/\/www.vmengine.net\/2020\/06\/30\/cyber-security-aws-thwarts-the-largest-ddos-attack-in-history\/"},"modified":"2025-05-23T17:21:56","modified_gmt":"2025-05-23T17:21:56","slug":"cyber-security-aws-thwarts-the-largest-ddos-attack-in-history","status":"publish","type":"post","link":"http:\/\/temp_new.vmenginelab.com\/en\/2020\/06\/30\/cyber-security-aws-thwarts-the-largest-ddos-attack-in-history\/","title":{"rendered":"Cyber Security: AWS Thwarts the Largest DDoS Attack in History"},"content":{"rendered":"<div class=\"et_pb_section et_pb_section_169 et_section_regular\" >\n<div class=\"et_pb_row et_pb_row_255\">\n<div class=\"et_pb_column et_pb_column_4_4 et_pb_column_252  et_pb_css_mix_blend_mode_passthrough et-last-child\">\n<div class=\"et_pb_module et_pb_text et_pb_text_404  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<p class=\"CorpoA\" style=\"text-align: center;\"><span style=\"font-size: 14.0pt;\">What would happen if <b>the largest DDoS attack in history<\/b> was launched against the most important of Cloud Providers?  <\/span><\/p>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\">Just a short time ago, <b>Amazon Web Services<\/b> said that last February, the <a href=\"https:\/\/aws.amazon.com\/it\/shield\/\"><br \/>\n  <i>AWS Shield<\/i><br \/>\n<\/a> service was able to thwart a 2.3 Tbps DDoS attack, the largest ever recorded. Not bad.  <\/span><\/p>\n<p class=\"CorpoA\" style=\"text-align: center;\"><span style=\"font-size: 14.0pt;\"><em>But what is it all about? Let&#8217;s see it together.<\/em> <\/span><\/p>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\"><strong>DDoS attacks<\/strong> are a cyber threat that is as simple to implement as it is effective: capable of crashing a company, or critical infrastructures such as hospitals and airports, in a matter of seconds. <\/span><\/p>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\">The acronym stands for <strong><br \/>\n  <i>Distributed Denial of Service (DDoS),<\/i><br \/>\n<\/strong> and consists <i>of<\/i> bombarding a site with requests, until it becomes unreachable.  <\/span><\/p>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_405  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<h3 style=\"text-align: center;\"><strong>Cyber attacks<\/strong><\/h3>\n<\/p>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\">According to data from the latest <strong><br \/>\n  <a href=\"https:\/\/clusit.it\/rapporto-clusit\/\">report by Clusit<\/a><br \/>\n<\/strong>, the Italian association for computer security, it is among the attacks that affect a company every five minutes along with malware and ransomware.  <\/span><\/p>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\">And if their use has decreased compared to previous years, recording a -66.96%, their power has increased: the average bandwidth occupied has gone from 11 gigabits per second in 2016 to 59 gigabits per second in 2017. In practice, fivefold.  <\/span><\/p>\n<blockquote>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\">&#8220;<i>These will be the next choices in the field of cyber security<\/i> ,&#8221; said Andrea Zapparoli Manzoni of the Clusit steering committee<i>  to determine the chances of survival of our current digital society. At the heart of the matter is a critical issue that is both cultural and economic: we have built our digital civilization without taking into account the costs related to its protection and defense, according to a business model that does not provide for them, except in a residual way and, where possible, avoids or minimizes them. Accordingly<\/i>  &#8211; he concludes &#8211; <i>these resources are not available, and today in the world we invest in cyber security a tenth of what we should reasonably spend<\/i>&#8220;.<\/span><\/p>\n<\/blockquote>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_406  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<h3 style=\"text-align: center;\"><strong>The Threat<\/strong><\/h3>\n<\/p>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\">This is no small threat to small and large companies already grappling with the greatest emergency since the post-war period.  <\/span><\/p>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\">In fact, Amazon Web Services calculated that the attack it faced <strong>was 44% larger<\/strong> than any other event of the same type previously recorded. The attack went on for three days, during a week in mid-February.  <\/span><\/p>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\">Thus, Amazon Web Services has published a document called <b><a href=\"https:\/\/aws.amazon.com\/it\/blogs\/security\/aws-shield-threat-landscape-report-now-available\/\">AWS Shield Threat Landscape<\/a> <\/b>that reports the details of various attacks mitigated by the AWS Shield protection service.  <\/span><\/p>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\">AWS did not disclose the identity of the target of the DDoS attack, but said that it was carried out through the breach of <strong><br \/>\n  <i>Connection-less Lightweight Directory Protocol (CLDAP) web servers<\/i><br \/>\n<\/strong> and lasted for three days.  <\/span><\/p>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\">Since the end of 2016, CLDAP servers have been repeatedly used for DDoS attacks, as they are able to amplify DDoS traffic by 56 to 70 times its initial size.  <\/span><\/p>\n<p class=\"CorpoA\" style=\"text-align: justify; text-justify: inter-ideograph;\"><span style=\"font-size: 14.0pt;\">Today, CLDAP is a highly sought-after protocol for cybercriminals and is distributed over the network by several DDoS providers.  <\/span><\/p>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_cta_81 et_animated et_pb_promo  et_pb_text_align_center et_pb_bg_layout_dark\">\n<div class=\"et_pb_promo_description\">\n<h2 class=\"et_pb_module_header\">Have you ever carried out a Security Assessment for your company?  <\/h2>\n<div>\n<p style=\"text-align: center;\">IT infrastructure vulnerabilities are at the <strong>root of all cyber security issues<\/strong>.<\/p>\n<p style=\"text-align: center;\">These vulnerabilities affect everything running on your network, which is why you need to find and eliminate them.<\/p>\n<p style=\"text-align: center;\">This type of vulnerability cannot be detected through an automatic assessment, but requires <strong>targeted assessment activities<\/strong>.<\/p>\n<\/div>\n<\/div>\n<div class=\"et_pb_button_wrapper\"><a class=\"et_pb_button et_pb_promo_button\" href=\"https:\/\/temp_new.vmenginelab.com\/en\/contacts\/\">Request it now<\/a><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>What would happen if the largest DDoS attack in history was launched against the most important of Cloud Providers? Just a short time ago, Amazon Web Services said that last February, the AWS Shield service was able to thwart a 2.3 Tbps DDoS attack, the largest ever recorded. Not bad. But what is it all [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":31940,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2297,1374],"tags":[4153,3950,4061,3712,4154],"class_list":["post-36984","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-en","category-the-analysis","tag-aws-shield-en","tag-cyber-security-en","tag-cyber-security-aws-en","tag-ddos-attacks","tag-hacker-attack"],"aioseo_notices":[],"jetpack_featured_media_url":"http:\/\/temp_new.vmenginelab.com\/wp-content\/uploads\/2020\/06\/lp3GUtG2waC88-1.gif","amp_enabled":true,"_links":{"self":[{"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/posts\/36984","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/comments?post=36984"}],"version-history":[{"count":1,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/posts\/36984\/revisions"}],"predecessor-version":[{"id":41483,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/posts\/36984\/revisions\/41483"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/media\/31940"}],"wp:attachment":[{"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/media?parent=36984"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/categories?post=36984"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/tags?post=36984"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}