Google reveals the most powerful DDoS attack in history… albeit three years late

A whopping 2.5 Tbps…

Graham Cluley
@gcluley

At the end of last week, Google slipped out a blog post that probably went under the radars of some folks.

In it, they revealed that they had mitigated against the largest known distributed denial-of-service (DDoS) attack, when its infrastructure blocked a whopping 2.5 Tbps (Terabits per second) attack.

That’s huge. In fact, “huge” hardly seems the right adjective for the scale of attack.

Sign up to our newsletter
Security news, advice, and tips.

To put it in some context, the notorious DDoS onslaught wrought by the Mirai IoT botnet in 2016, which attacked managed DNS service Dyn and left surfers struggling to to reach some of the world’s most well-known websites – including Twitter, Spotify, Github, Reddit and AirBnB – was measured at 623 Gbps.

And when GitHub suffered a DDoS attack in 2018, that peaked at some 1.35 terabits per second.

Google’s announcement last week of the 2.5 Tbs DDoS attack it mitigated means that we now have a new candidate for the biggest DDoS attack in history:

Our infrastructure absorbed a 2.5 Tbps DDoS in September 2017, the culmination of a six-month campaign that utilized multiple methods of attack. Despite simultaneously targeting thousands of our IPs, presumably in hopes of slipping past automated defenses, the attack had no impact. The attacker used several networks to spoof 167 Mpps (millions of packets per second) to 180,000 exposed CLDAP, DNS, and SMTP servers, which would then send large responses to us.

You know what I find interesting? That Google has only told us now, three years later, about the biggest DDoS attack in history. I wonder why it hasn’t mentioned it before.

For now, until someone reveals they have measured a larger incident but have chosen to keep schtum about it, this September 2017 incident stands as the highest-bandwidth DDoS attack ever reported.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.