Recently, internet giant Google successfully thwarted one of the most significant DDoS attacks of the year.

Distributed denial of service, known in the world of cybersecurity as DDoS, is a type of attack that attempts to slow down or crash a server. Its main goal is to affect the availability of a system such as a website or application, leaving end users unable to access the service.

On June 1, 2022, hackers hit a Google Cloud customer with a series of HTTPS DDoS attacks. This type of attack is common today, but this malicious attempt stood out because the attacks peaked at 46 million requests per second. To give an idea of the scale of the episode, it is as if the website had received the equivalent of a full day of requests to Wikipedia (one of the most trafficked websites in the world) in under 10 seconds.

At around 9:45 a.m. Pacific time, an attack of more than 10,000 requests per second (rps) grew to over 100,000 requests per second in just eight minutes. Google Cloud Armor Adaptive Protection detected and analysed the traffic early in the attack lifecycle and alerted the customer. The alert also recommended a rule to block the malicious traffic.

“We immediately took action to protect our customer’s resources and mitigated the attack without customer interaction,” said Google in a blog post.

The customer’s network security team immediately deployed the recommended rule into their security policy, effectively blocking the attack traffic and allowing the target workload to operate normally. The attack lasted 69 minutes, ending at 10:54 a.m. It was determined that the attack used 5,256 source IPs from 132 countries.

Though the malware behind the attack has yet to be determined, the geographic distribution of the services used closely resembled that of Meris, a botnet responsible for notorious DDoS attacks in 2021.

Google researchers also noted that the attack leveraged encrypted requests, indicating that the devices used have relatively strong computing resources. They also discovered that the attack used Tor exit nodes to deliver the traffic.

“We believe that this attack used a new Dark web service that enables anyone with little technical expertise to launch large-scale HTTPS attacks,” said Elzur, one of the Google researchers who analysed the event.

Despite its size, the DDoS attack was successfully mitigated and did not significantly impact the customer’s business operations.

Attacks such as this will continue to grow and develop newer tactics. To avoid falling prey to them, Google recommends a defence-in-depth strategy with multiple controls and layers to protect web applications and services.
