Amazon has announced that its AWS Shield has repelled the largest ever 2.3 Tbps DDoS attack in mid-February of this year

Amazon has announced that its AWS Shield has repelled the largest ever 2.3 Tbps DDoS attack in mid-February of this year.

It did not specify the target AWS client, but it reports that the attack was carried out using compromised CLDAP web servers and caused AWS Shield personnel to spend three days in “high threat” mode.

CLDAP (Connection-less Lightweight Directory Access Protocol) is an alternative to the older LDAP protocol and is used to connect, search, and modify X.500 shared directories. Both protocols work on port 389; however, as LDAP works over TCP, CLDAP uses UDP. Hackers have been using it for DDoS attacks since late 2016. Using CLDAP allows DDoS traffic to be “amplified” by 56–70 times over its original size, making it a popular protocol and a common tool provided by DDoS-for-hire services.

The previous record for the largest DDoS attack ever recorded was 1.7 Tbps, deflected by the NETSCOUT Arbor security system in March of 2018. That was preceded by the former record of 1.3 Tbps in February 2018 during a DDoS assault on the GitHub web service. Most DDoS attacks currently peak at 500 Gbps, so the news of an unprecedented 2.3 Tbps attack on AWS came as a surprise to the industry.

In order to secure your business, HOSTKEY also offers a basic DDoS Protection as a complimentary service with our dedicated servers in the Netherlands, the USA and Russia. Optimized to reflect the most common types of DDoS attacks — volumetric attacks. This type of attack is aimed at slowing or stopping access to the network through overwhelming its bandwidth capabilities by flooding it with huge amounts of bogus traffic.