Google blocks a record DDoS attack of 46 million requests per second


Distributed denial-of-service (DDoS) attacks are becoming more common and growing exponentially. Google Cloud Armor customer was recently hit by the largest Layer 7 DDoS attack to date.

A series of HTTPS DDoS attacks peaked at 46 million requests per second, and the attack was 76% larger than the previously reported record.

“To give a sense of the scale of the attack, it’s like getting all daily queries to Wikipedia (one of the top 10 most visited websites in the world) in just 10 seconds,” Google said.

Layer 7 is the highest layer that supports end-user processes and applications. A Layer 7 DDoS attack sends traffic to consume resources, hampering a website’s ability to serve content.

“In addition to the unexpectedly high volume of traffic, the attack had other notable features. There were 5,256 source IPs from 132 countries contributing to the attack. The top 4 countries [Brazil, India, Russia, and Indonesia] contributed about 31% of all attack traffic,” according to Google.

The company added that the geographic distribution and the type of unsecured services used to generate the attack are consistent with the Mēris attack family.

In July, Cloudflare said that the Mantis botnet (the next evolution of the Meris botnet) was responsible for the 26 million requests per second HTTPS DDoS attack.

Google said it successfully thwarted the attack.

DDoS attacks are increasing

Patriotic activism increased dramatically in the first half of 2022, as both established and newly formed pro-Ukrainian and pro-Russian groups aimed to wreak havoc by stealing and leaking information and conducting denial-of-service attacks .

Attacks ranging from cases of hacktivism to terabit attacks in Asia and the United States increased significantly in the first half of 2022.

The number of malicious DDoS attacks increased by 203% compared to the first six months of 2021, cybersecurity firm Radware said in its semi-annual report.

The first six months of 2022 saw 60% more malicious DDoS incidents than all of 2021, the company found.

Commonly used by cyber legions along with data leaks and website defacements, DDoS aims for disruption and chaos. Both pro-Ukrainian and pro-Russian patriotic activists engage in DDoS operations on a daily basis, usually to threaten their enemies and spread (mis)information.

“No company in the world is currently safe from cyber retaliation,” said Pascal Geenens, Radware’s director of threat intelligence. “Online vigilantes and hacktivists could disrupt broader security efforts being advanced by nations and agencies. New armies of actors could create extreme unpredictability for intelligence agencies, creating a potential for incursions and misattributions that could eventually lead to an escalation of the cyber conflict.”


More from Cyber ​​News:

Janet Jackson’s music video has been identified as a cybersecurity risk after old laptops crashed

Apple is on patch emergency after discovering two bugs

Russian citizen faces ransomware laundering charges in US

Kindle is removing a key feature in today’s update: Know Who’s Affected

Iran-backed threat group targeting Israeli shipping, says analyst

Subscribe to our newsletter


About Author

Comments are closed.