Now that cryptocurrency is taking a few hits, it looks like distributed denial-of-service (DDoS) attacks are rising again. Google Cloud recently held off the largest Layer 7 attack ever recorded. The attack was launched in June this year against one of the company’s Cloud Armour customers.
Google hasn’t shared who was targeted, only how badly things might have gone if its services hadn’t been there to take the hit. The scale of the attack was also considerably larger than the previously-reported record of 26 million requests per second (RPS).
Driftin on a Google Cloud
Google Cloud’s software detected, on 1 June, an attack that generated 10,000 requests per second. A few minutes later, this spiked to 100,000 requests per second. Since the previous record was 26 million, you know there’s more to come. At its peak, the attack hammered 46 million requests per second on its target.
According to Google, “…that is like receiving all the daily requests to Wikipedia (one of the top 10 trafficked websites in the world) in just 10 seconds”.
All told, the DDoS attack lasted for 69 minutes. 5,256 different IP addresses were involved, from 132 different countries. The top four countries involved were Brazil, Russian, India, and Indonesia, which handled about 31% of the traffic on their own.
Obviously, the search giant wouldn’t be discussing this out in public if its systems couldn’t handle the attack. Its explanation of what went down and how Google’s Adaptive Protection was able to respond to it are an ad for the company’s Cloud Armour services. The search giant does have a point, though. DDoS attacks are increasing in intensity. You might not need protection on a personal blog. Mission-critical systems, though, probably could do with a very large bouncer monitoring traffic as it comes in.
