Google Discloses Biggest-Ever DDoS Attack

Google has said it fended off a record-breaking distributed denial-of-service (DDoS) attack in 2017.

The company said the 2.5 Tbps attack in September 2017 was carried out from within China, originating from the network of four Chinese internet service providers.

Damian Menscher, a security reliability engineer for Google Cloud, said the 2.5 Tbps peak was the “culmination of a six-month campaign” that used multiple methods of attack to disrupt Google’s infrastructure.

“Despite simultaneously targeting thousands of our IPs, presumably in hopes of slipping past automated defenses, the attack had no impact,” Mescher said.

Record-breaker

He said the incident demonstrates the volumes of DDoS traffic that can be achieved by a “well-resourced attacker”.

“This was four times larger than the record-breaking 623 Gbps attack from the Mirai botnet a year earlier,” he said, adding that it remains the highest-bandwidth attack to date.

An attack on Amazon Web Services’ (AWS) infrastructure in February of this year, peaking at 2.3 Tbps, was previously thought to be the biggest-ever DDoS attack.

Google disclosed the incident as part of a study into “exponential growth” in DDoS attack volumes.

Part of the rapid growth is due to the growth of the internet itself, which also provides bandwidth and compute resources to those defending against such attacks, Menscher noted.

“After accounting for the expected growth, the results are less concerning, though still problematic,” he said in the study.

Disruption

DDoS attacks are increasingly being used by criminals and nation-state groups to disrupt targets, for political or financial gain.

Security firm Radware last week warned of increasing activity by an unknown group threatening companies in a range of sectors with DDoS attacks unless they paid a Bitcoin ransom.

The group’s messages claim the threats originate with the “Fancy Bear”, “Armada Collective” or “Lazarus Group” hacking groups, depending on the intended recipient.

Radware advised organisations not to pay the ransom, as there is no guarantee the attackers will honour the terms of their threat.

“Paying only funds future operations, allows them to improve their capabilities and motivates them to continue the campaign,” the company said.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

14 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

15 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

16 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

17 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

20 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

20 hours ago