Google blocked record-breaking 2.5Tbps DDoS attack in 2017

The previously unknown attack, which was triggered by state-backed hackers, is the largest DDoS attack on record

Google has revealed that its infrastructure absorbed a 2.5Tbps distributed denial of service (DDoS) attack in 2017, the largest such attack in terms of its sheer volume ever recorded.

The previously undisclosed DDoS attack was the culmination of a six-month campaign launched by Chinese-backed hackers that used multiple methods of attack, although ultimately had no material impact. 

Google’s Security Reliability Engineering team measured the record-breaking attack sourced from several Chinese ISPs, with the attacker using several networks to spoof 167 millions of packets per second to 180,000 exposed servers. These included vulnerable CLDAP, DNS and SMTP servers.

“This demonstrates the volumes a well-resourced attacker can achieve,” said Google Cloud’s security reliability engineer Damian Menscher. 

“This was four times larger than the record-breaking 623 Gbps attack from the Mirai botnet a year earlier. It remains the highest-bandwidth attack reported to date, leading to reduced confidence in the extrapolation.”

The revelation comes as part of wider Google Cloud analysis that DDoS attacks are exponentially growing across all metrics, including bits per second (bbps), network packets per second (pps), and HTTP(S) requests per second (rps).

As a signal to reinforce the view that DDoS attacks are indeed increasing in the scale of the threat they pose, both Amazon and Akamai both claimed to have prevented record-breaking attacks this summer. 

The former fended off a reported attack which hit 2.3Tbps in its peak in mid-June, 44% larger than anything Amazon had registered before. The latter also claimed to have prevented the largest-ever DDoS attack in terms of pps just a couple of weeks later. This second attack reached a peak of 809 million pps.

This exponential growth coincides with the exponential growth of the internet itself, Menscher added, which provides bandwidth and compute not only to attackers, but to defenders itself. After accounting for the expected growth, the exponential rise is less concerning, although still represents a major problem.

Google Cloud claims to work with others in the internet community to identify and dismantle infrastructure used to conduct attacks, with DDoS mitigation a collaborative effort. 

The record-breaking 2.5Tbps attack in 2017, for example, led to Google reporting thousands of vulnerable servers to network providers. Further collaborative efforts were invested in tracing the source of the spoofed packets so they could be filtered.

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Recommended

Sophos Intercept X Advanced review: AI-powered protection
endpoint security

Sophos Intercept X Advanced review: AI-powered protection

30 Nov 2021
SMBs urged to update software ahead of Black Friday
e commerce

SMBs urged to update software ahead of Black Friday

25 Nov 2021
US adds dozen Chinese tech companies to trade blacklist
Policy & legislation

US adds dozen Chinese tech companies to trade blacklist

25 Nov 2021
Fifth of UK security pros discriminated against in 2021
Careers & training

Fifth of UK security pros discriminated against in 2021

23 Nov 2021

Most Popular

Business customers can get 30% off the Surface Laptop Go for Black Friday 2021
Laptops

Business customers can get 30% off the Surface Laptop Go for Black Friday 2021

26 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'
virtualisation

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021
Flaw in Android phones could let attackers eavesdrop on calls
Google Android

Flaw in Android phones could let attackers eavesdrop on calls

26 Nov 2021