Google Cloud Blocks Record DDoS attack of 46 Million Requests Per Second

Cyber Security

Products You May Like

Google’s cloud division on Thursday disclosed it mitigated a series of HTTPS distributed denial-of-service (DDoS) attacks which peaked at 46 million requests per second (RPS), making it the largest such recorded to date.

The attack, which occurred on June 1, targeting an unnamed Google Cloud Armor customer, is 76% larger than the 26 million RPS DDoS attack repealed by Cloudflare earlier this June.

CyberSecurity

“To give a sense of the scale of the attack, that is like receiving all the daily requests to Wikipedia (one of the top 10 trafficked websites in the world) in just 10 seconds,” Google Cloud’s Emil Kiner and Satya Konduru said.

It’s said to have started around 9:45 a.m. PT with 10,000 RPS, before growing to 100,000 RPS eight minutes later and further ramping up within two minutes to hit a high of 46 million RPS at 10:18 a.m. PT. In all, the DDoS assault lasted for a total of 69 minutes.

Google said that the unexpectedly high volume of traffic originated from 5,256 IP addresses located in 132 countries, with Brazil, India, Russia, and Indonesia alone accounting for 31% of all the attack requests.

22% of the IP addresses (1,169) corresponded to TOR exit nodes, but were responsible for just 3% of the attack traffic.

CyberSecurity

“The attack leveraged encrypted requests (HTTPS) which would have taken added computing resources to generate,” the company noted. “The geographic distribution and types of unsecured services leveraged to generate the attack matches the Mēris family of attacks.”

In September 2021, the Mēris botnet was linked to a DDoS attack on Russian internet giant Yandex that peaked at 21.8 million RPS. Parts of the botnet’s infrastructure were sinkholed in late September 2021.

Products You May Like

Articles You May Like

Xiaomi 14T, Xiaomi 14T Pro Pricing and Key Specifications Leaked Ahead of Anticipated Debut
Here’s How AI is Helping Astronomers to Understand Universe’s Fundamental Parameters
New Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads
SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments
iPhone 16 Pro Max Leaked Dummy Unit Offers Glimpse at New Desert Titanium Colourway

Leave a Reply

Your email address will not be published. Required fields are marked *