Microsoft says that it mitigated a 2.4 Tbps distributed-denial-of-service (DDoS) attack on its Azure network in August. DDoS attacks are usually a tool used to take down websites or systems, often flooding them with traffic that the server can't handle. This was significantly higher than an attack on the Azure network in 2020 that reached peak traffic speeds of 1 Tbps. This 2.4 Tbps attack is higher than any network volumetric event previously detected on Azure.

Microsoft says that the attack lasted a little bit longer than 10 minutes with very short-lived bursts, each ramping up in seconds to terabit volumes. In total, there were three peaks; the first at 2.4 Tbps, the second at 0.55 Tbps, and the third at 1.7 Tbps. Thanks to Azure's DDoS protection platform (built on distributed detection and mitigation platforms), customers were completely unaffected. Furthermore, Microsoft says that its DDoS protection platform can withstand the brunt of tens of terabits of traffic. This attack comes close to the largest DDoS attack ever recorded -- Google was hammered by 2.54 Tbps of traffic in 2018.

The attack on the Azure network originated from approximately 70,000 sources in multiple countries such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as from the United States. Typically, DDoS attacks are initiated with a botnet that's controlled by the attacker. A botnet is usually made up of compromised machines, and Internet of Things devices are a prime candidate for attackers. The Mirai botnet is a prime example of this, infecting IoT devices such as routers and IP cameras for later usage in taking down websites. The exact nature of this particular attack is unclear.

Azure shared DDoS attack trends at the beginning of August, showing a 25-percent increase in the number of attacks for the first half of 2021 compared to Q4 of 2020. However, average throughput (the attack scale) decreased from 1 terabyte per second to 625 Mbps over the same timescale.