Google reveals the most powerful DDoS attack in history… albeit three years late

A whopping 2.5 Tbps…

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Google reveals the most powerful DDoS attack in history... albeit three years late

At the end of last week, Google slipped out a blog post that probably went under the radars of some folks.

In it, they revealed that they had mitigated against the largest known distributed denial-of-service (DDoS) attack, when its infrastructure blocked a whopping 2.5 Tbps (Terabits per second) attack.

That’s huge. In fact, “huge” hardly seems the right adjective for the scale of attack.

Sign up to our free newsletter.
Security news, advice, and tips.

To put it in some context, the notorious DDoS onslaught wrought by the Mirai IoT botnet in 2016, which attacked managed DNS service Dyn and left surfers struggling to to reach some of the world’s most well-known websites – including Twitter, Spotify, Github, Reddit and AirBnB – was measured at 623 Gbps.

And when GitHub suffered a DDoS attack in 2018, that peaked at some 1.35 terabits per second.

Google’s announcement last week of the 2.5 Tbs DDoS attack it mitigated means that we now have a new candidate for the biggest DDoS attack in history:

Our infrastructure absorbed a 2.5 Tbps DDoS in September 2017, the culmination of a six-month campaign that utilized multiple methods of attack. Despite simultaneously targeting thousands of our IPs, presumably in hopes of slipping past automated defenses, the attack had no impact. The attacker used several networks to spoof 167 Mpps (millions of packets per second) to 180,000 exposed CLDAP, DNS, and SMTP servers, which would then send large responses to us.

You know what I find interesting? That Google has only told us now, three years later, about the biggest DDoS attack in history. I wonder why it hasn’t mentioned it before.

For now, until someone reveals they have measured a larger incident but have chosen to keep schtum about it, this September 2017 incident stands as the highest-bandwidth DDoS attack ever reported.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.