The largest DDoS attack in history
A 69-minute Denial of Service (DDoS) attack hit 46 million. Requests are blocked by the Google system within seconds.
The incident happened on June 1, and Google explained it in a blog post this week. Back then, the Google Cloud client was the target of a DDoS attack with a high number of service requests per second (rps). The 46 million RPM campaign surpassed Cloudflare’s previous record of 26 million by 76%. revolutions per minute.
Wikipedia, one of the top 10 most visited websites in the world, receives as many queries every 10 seconds as it does in a day, according to a Google representative.
The chart includes the number of requests sent to the system during an attack. See: Google
DDoS is a type of denial of service attack that sends a large number of requests to a target system, overloading the system and potentially crashing it. The attack began on June 1st. Mornings from 10,000 rpm with HTTP/S load balancing. Eight minutes later, that number rose to 100,000 requests.
The security system is activated. Two minutes later, however, the rate of attack increased further to 46 million rpm.
According to Google, when the number of requests increased to 100,000 RPM, their Adaptive Defense tool detected Cloud Armor and issued notifications to customers, classifying the traffic as abnormal signals. A set of rules was created to prevent such requests while maintaining the functionality of the target system.
The disaster ended after 69 minutes. “Maybe the attacker stopped the DDoS attack because he realized that paying a lot of money didn’t bring the desired results,” says a Google security researcher.
Emil Keener, product manager at Cloud Armor, said the DDoS attack affected 5,256 IPs from 132 countries. The way they were implemented and the geographic distribution of the IP addresses suggest that it may have been an attack from Mary’s computer network, using insecure proxies to disguise the true source.
Also, they use HTTPS feature to encrypt which wastes computer resources and leads service providers to decide to disable encryption.
According to Google, customers are protected by enabling Cloud Armor beforehand. If the number of requests sent to the server is unusually high, choose “throttle” instead of “cad”, which means ordinary users can continue to work with the system. Because abnormal access is blocked at the “edge” by Google, the service is unaffected.
According to analysts, the frequency and scale of denial of service attacks has increased rapidly in recent years. In June alone, two DDoS incidents were recorded with a record number of requests – 26 million each. rps and 46 million rps This type of threat increased by more than 203 percent in the first half of this year compared to the same period last year, according to a recent Radware report. Although according to Kaspersky, the number of DDoS attacks in the first half of 2022 compared to the previous quarter increased by 46% qoq, which is an all-time high.
Lu Kui