Akamai today released an Attack Spotlight recounting how it mitigated the largest distributed denial of service (DDoS) attack in its history. Earlier this year, an Akamai client, an unnamed software company, was the target of a massive DDoS attack–one that broke the 1 terabyte per second threshold for the first time.
The DDoS attack used a new vector called a memcached reflection attack. “Memcached was developed to act as a distributed memory caching system. Since the protocol uses UDP [User Datagram Protocol], an insecure protocol, and carries the potential for tremendous amplification, it has the key traits of a successful reflection-based attack vector,” the Attack Spotlight reports.
The memcached attack has the potential to wreak havoc on its victims. “A single UDP packet can request that the data be delivered to the DDoS target multiple times, creating a potential amplification factor in excess of 50,000 times the traffic sent,” the report explains. “For perspective, a DNS reflection attack typically uses domains that contain 3,000 to 5,000 bytes of data with an amplification factor below 500 times the traffic generated by offending tools.”
Akamai says mitigating memcached reflection attacks begins at the source and requires urgent action. For the record-breaking attack earlier this year, the developer was able to act quickly and disable the UDP port by default. Additionally, Internet service providers provided filtering and rate limiting of the UDP port used by default for this protocol.
Akamai will be sharing more of its cybersecurity expertise at the Akamai Government Forum on Thursday, June 14. At the event, industry cybersecurity experts will be joined by leading government cyber executives from the Departments of Transportation, Homeland Security (DHS), and State, as well as the Air Force, Navy, Army, Office of Management and Budget, and more. Experts will share how government executives can transform their agencies from the inside out with a Zero-Trust approach to security.
Registration is complimentary for the Akamai Government Forum, taking place Thursday, June 14, 7:45 a.m. to 2:00 p.m. at the Marriott Marquis in Washington, DC. Six CPE credits are available to attendees. Registration is open through 3 p.m. on Wednesday, June 13.