The DDoS attack was mitigated by the AWS Shield DDoS protection service.
Last year, Amazon Web Services (AWS) suffered a DDoS attack that lasted for 8 hours. Now, in its AWS Shield Threat Landscape report, the company has revealed it mitigated the largest-ever DDoS (distributed denial of service) attack in mid-February 2020.
According to the report, it was a 2.3 TBPS attack, well beyond the previous record of 1.7 TBPS, an attack against a US firm that Netscout Arbor mitigated in 2018.
The report didn’t disclose the customer targeted in the attack. However, the company noted that it was a reflection attack carried out through CLDAP (Connection-less Lightweight Directory Access Protocol) web servers. The attack caused an “elevated threat” for the AWS Shield staff and continued for three days.
CLDAP is used to search, connect, and modify internet-shared directories; it is a relatively new alternative to the LDAP (Lightweight Directory Access Protocol) protocol and has frequently been abused since 2016.
Furthermore, by using CLDAP servers, attackers can amplify DDoS traffic to up to 70 times its original size, which makes it a protocol commonly preferred by DDoS-for-hire services.
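A defender can use the amplification described above as a detection signal: a host in your own network whose UDP/389 replies are many times larger than the requests it receives is probably being used as a CLDAP reflector. The following is an added example, not code from the AWS report or this article; the flow-record layout, the thresholds and the sample records are assumptions made for illustration, and UDP port 389 is CLDAP's standard port.

```python
from collections import defaultdict

CLDAP_PORT = 389        # CLDAP is LDAP over UDP, port 389
RATIO_THRESHOLD = 10.0  # assumed alert threshold (reply bytes / request bytes)
MIN_OUT_BYTES = 10_000  # assumed floor so tiny flows do not trigger alerts

# Constructed flow records: (proto, src_ip, src_port, dst_ip, dst_port, bytes)
SAMPLE_FLOWS = [
    # Exposed server: small requests "from" a spoofed address, large replies to it
    ("udp", "203.0.113.5", 40000, "192.0.2.10", 389, 1040),
    ("udp", "192.0.2.10", 389, "203.0.113.5", 40000, 60000),
    # Normal directory lookup on another server: reply roughly the request's size
    ("udp", "10.0.0.5", 51000, "192.0.2.20", 389, 500),
    ("udp", "192.0.2.20", 389, "10.0.0.5", 51000, 900),
    # LDAP over TCP cannot be reflected with a spoofed source; ignored
    ("tcp", "10.0.0.6", 50000, "192.0.2.20", 389, 4000),
]

def find_reflectors(flows, ratio_threshold=RATIO_THRESHOLD,
                    min_out_bytes=MIN_OUT_BYTES):
    """Return {server_ip: stats} for hosts whose UDP/389 replies dwarf requests."""
    inbound = defaultdict(int)    # request bytes received per server
    outbound = defaultdict(int)   # reply bytes sent per server
    targets = defaultdict(set)    # addresses the replies were sent to
    for proto, src, sport, dst, dport, nbytes in flows:
        if proto != "udp":
            continue
        if dport == CLDAP_PORT:
            inbound[dst] += nbytes
        elif sport == CLDAP_PORT:
            outbound[src] += nbytes
            targets[src].add(dst)
    findings = {}
    for server, out_bytes in outbound.items():
        in_bytes = inbound.get(server, 0)
        # Replies with no recorded request (asymmetric capture) count as infinite ratio
        ratio = out_bytes / in_bytes if in_bytes else float("inf")
        if out_bytes >= min_out_bytes and ratio >= ratio_threshold:
            findings[server] = {
                "ratio": round(ratio, 1),
                "out_bytes": out_bytes,
                "reply_targets": sorted(targets[server]),
            }
    return findings

if __name__ == "__main__":
    for server, stats in find_reflectors(SAMPLE_FLOWS).items():
        print(server, stats)
```

Any host this flags should have UDP/389 blocked at the network edge or CLDAP disabled if it is not needed from the internet.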
AWS’s report [PDF] also noted that the motive behind the attack is still unclear, but it is a general observation that attacks increase whenever attackers discover a new vector.
The revelation comes at a time when the number and frequency of DDoS attacks are reported to have declined, mainly due to collaborative efforts by ISPs, internet services, and content delivery networks to secure vulnerable Memcached systems.