Market Impact: 0.35

'Largest-ever' cloud DDoS attack pummels Azure with 3.64B packets per second


Microsoft said Azure auto-detected and mitigated what it called the largest-ever cloud DDoS on Oct. 24: a 15.72 Tbps, nearly 3.64 billion packets-per-second UDP flood from more than 500,000 source IPs that targeted a single Australian endpoint and was attributed to the Mirai-derived Aisuru botnet, with no customer workloads interrupted. Aisuru, which infects home routers and cameras and has been escalating since August 2024 (including a 6.3 Tbps hit in June 2025), reportedly has capabilities exceeding 20 Tbps, according to Netscout. Cloudflare also reports a >40% year-on-year rise in attacks in Q2 2025, underscoring growing systemic risk to cloud, DNS and ISP infrastructure and the likelihood of even larger volumetric assaults that will continue to test providers' mitigation capacity.

Analysis

Microsoft's Azure auto-detected and mitigated what it called the largest-ever cloud DDoS on Oct. 24: a 15.72 Tbps UDP flood peaking at nearly 3.64 billion packets per second from over 500,000 source IPs aimed at a single Australian endpoint, with Microsoft reporting no customer workload interruptions. The attack was attributed to the Mirai-derived Aisuru botnet, which infects home routers and cameras and has escalated rapidly since August 2024; prior notable events include a 6.3 Tbps hit on KrebsOnSecurity in June 2025, and Netscout has reported operator capabilities exceeding 20 Tbps. The event underscores a broader trend: Cloudflare reported a >40% year-over-year increase in DDoS attacks in Q2 2025, and operators are scaling volumetric capabilities in line with Internet growth, stressing network, DNS and ISP infrastructure. For cloud providers the immediate reputational impact was limited by successful mitigation, but the rapid escalation in attack scale implies higher ongoing operational risk, potential for increased security capex and product demand, and the possibility that future attacks could exceed current mitigation thresholds.

Market Sentiment

Overall Sentiment: moderately negative

Sentiment Score: -0.40

Key Decisions for Investors

  • Increase exposure to cybersecurity vendors and cloud-scale DDoS mitigation providers as demand for resilient edge and network defenses should rise given accelerating volumetric attacks
  • Monitor cloud providers' operational disclosures (mitigation capacity, incidents, SLAs and related capex/gross margin commentary) and trim positions if recurring outages or material guidance changes appear
  • Underweight or hedge exposure to smaller ISPs and consumer router/camera hardware suppliers that rely on large residential footprints, since their devices are primary infection vectors for Aisuru-style botnets
  • Watch regulatory, insurance and enterprise procurement developments for signs of rising compliance costs or new contractual security obligations that could pressure margins, and adjust valuations if companies disclose material security-related spend increases