Cyber Attack: DDoS Attack Exploiting UDP Ports Never Gets Old

goay xuan hui
Jan 13, 2022

On October 21, 2021, Microsoft announced that they successfully fended off a 2.4 Tbps DDoS attack targeting Azure customers, surpassing the 2.3 Tbps attack stopped by Amazon in February 2020.

DDoS attacks exploiting UDP ports never get old because there are hundreds and thousands of servers that leave exploitable UDP ports exposed to the internet.

The attackers can exploit these UDP ports by commanding the computers they have infected (collectively called a botnet) to send an insane volume of UDP traffic, carrying the spoofed IP address of a legitimate server, to the victims they are targeting, with the objective of rendering the system or the application inoperable. Since the attack traffic looks like legitimate traffic coming from valid servers, it is hard to mitigate the attack without also blocking the legitimate server.

Refer to these guidelines published by the Cybersecurity & Infrastructure Security Agency (CISA) for information on the top exploitable UDP ports, along with detection and mitigation steps.
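To check whether one of your own servers is among those leaving such ports exposed, the following added example (not from this post or from CISA) parses `ss -H -uln` output and lists UDP listeners on reflection-prone services that are bound to anything other than loopback. The port list is an assumed, partial set of commonly abused services, and the sample output is constructed.

```python
import ipaddress

# Assumption: a partial list of UDP services commonly documented as abused
# for reflection/amplification; not taken from the page. Extend as needed.
REFLECTION_PRONE = {
    17: "QOTD", 19: "CharGEN", 53: "DNS", 69: "TFTP", 111: "Portmap",
    123: "NTP", 137: "NetBIOS", 161: "SNMP", 389: "CLDAP",
    1900: "SSDP", 5353: "mDNS", 11211: "memcached",
}

# Constructed sample of `ss -H -uln` output (not captured from a real host).
SAMPLE_SS = """\
UNCONN 0 0        0.0.0.0:123     0.0.0.0:*
UNCONN 0 0  127.0.0.53%lo:53      0.0.0.0:*
UNCONN 0 0           [::]:1900       [::]:*
UNCONN 0 0     192.0.2.10:161     0.0.0.0:*
UNCONN 0 0          [::1]:11211      [::]:*
UNCONN 0 0              *:68            *:*
"""

def is_loopback(addr):
    """True if the bind address is only reachable from the host itself."""
    addr = addr.strip("[]").split("%", 1)[0]   # drop brackets and %iface scope
    if addr == "*":                             # wildcard: every interface
        return False
    return ipaddress.ip_address(addr).is_loopback

def exposed_udp_services(ss_output):
    """Return (port, service, bind_addr) for reflection-prone UDP listeners
    bound to anything other than loopback."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue                            # blank or malformed line
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue                            # e.g. a header row
        port = int(port)
        if port in REFLECTION_PRONE and not is_loopback(addr):
            findings.append((port, REFLECTION_PRONE[port], addr))
    return sorted(findings)

if __name__ == "__main__":
    for port, service, addr in exposed_udp_services(SAMPLE_SS):
        print(f"udp/{port} ({service}) listening on {addr}: restrict or disable")
```

A finding only means the socket is bound to a non-loopback address; whether it is reachable from the internet still depends on host and network firewall rules.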
