Key Points

  • Google has claimed that it has curbed the largest DDoS attack in history
  • The company says that a Cloud Armor client was the target of the HTTPS DDoS attack in June
  • According to Bleeping Computer, there were 46 million HTTPS requests per second, making it the largest DDoS attack in history

Google has disclosed that the largest HTTPS distributed denial-of-service (DDoS) attack ever recorded was directed toward one of its cloud customers.

According to Bleeping Computer, a customer of Cloud Armor was the target of an assault that peaked at 46 million requests per second (RPS).

The aforementioned number makes it the DDoS attack in history; it surpasses the previous record holder, a 26 million RPS attempt prevented by Cloudflare in June, by approximately 80%.

YOU MAY ALSO LIKE: How to protect your digital infrastructure from cyber attacks?

Google DDoS attack in June: what exactly happened?

The latest DDoS attack occurred on June 1 with an initial aim of sending 10,000 RPS requests to HTTP/S Load Balancer. That number saw a 10x growth and reached 100,000 RPS within eight minutes, alerting Google’s Cloud Armor Protection. 

After the ten-minute mark, a whopping 46 million requests per second were directed toward the victim. Although these numbers may mean nothing to people who do not understand the nature of this attack. To put that in context, Google said that the attack was equivalent to sending all daily Wikipedia requests in just 10 seconds. 

The large volume of traffic directed toward the victim lasted for an hour. 

What did Google have to say about this massive DDoS attack?

Google researchers showed that 5,256 IP addresses scattered over 132 countries were employed to deliver traffic from the HTTPS DDoS attack. And a newbie did not execute it either—HTTPS queries were encrypted, implying that the computers involved in the operation might have had access to substantial computing resources.

Google could not figure out the exact name of the virus that was tied to the attack. However, probing where the attack originated revealed that Mris, the botnet responsible for two previous DDoS records, was involved (17.2 million RPS and 21.8 million RPS, respectively).

DDoS attacks are increasing

The number of DDoS attacks has surged over the past decade, affecting companies across different geographies and sectors. According to Radware’s 2022 H1 Global Threat Analysis Report, the number of DDoS events per customer saw a 203% rise compared to the attacks in the first half of 2021. 

According to Rik Turner, Senior Principal Analyst at Omdia, volumetric attacks are simply one form of exploit, and even though record high volumes are announced almost yearly, it is not true that the proportion of volumetric DDoS attacks is increasing linearly. 

Even when maximum volumes increase, the proportion of volumetric attacks decreases in some years since attackers may explore new attack tactics.

What are your thoughts on this story? You can leave a comment below and let us know what you think. 

YOU MAY ALSO LIKE: Everything you should know about zero-days and zero-day attacks in cybersecurity

Read the latest tech news on iTMunch

Feature Image Source: Hacker photo created by freepik – www.freepik.com