Google successfully thwarted a peak DDoS attack with over 46 million requests per second
2 min readGoogle successfully thwarted a peak DDoS attack with over 46 million requests per second
- Huawei Mate 60 Pro Makes Satellite Calls: Only US$0.18/minute
- Huawei Mate60 Pro: First Smart Phone Supports Satellite Calls
- 14000 cores + 450W: RTX 4080 graphics card perfectly replaces the RTX 3080
- Big upgrade: The difference between Bluetooth 5.0 and 5.2
- Geeks Disappointed that RTX 4080/4090 doesn’t come with PCIe 5.0
- What are advantages and disadvantages of different load balancing?
Google successfully thwarted a peak DDoS attack with over 46 million requests per second.
In June, Cloudflare reported the largest DDoS cyberattack ever, peaking at 26 million requests per second.
This beats the previous record of 17.2 million in August 2021 and 15.3 million in April 2022.
But the record was refreshed again this month, with Google saying it peaked at 46 million per second.
In a Google Cloud blog post, Google said it peaked at 46 million requests per second, more than 76% of Cloudflare’s peak.
This DDoS attack was conducted against Google Cloud customers using Cloud Armor.
Google says that once the service detects signs of a threat, it alerts customers and advises them to adopt protection rules to ward off the danger.
This rule is then deployed before requests peak, meaning customers continue to stay online while Cloud Armor protects their infrastructure and workloads.
Google said the attack started in the early hours of June 1 at 10,000 requests per second, but rose to 100,000 requests per second eight minutes later, when Cloud Armor adaptive protection kicked in.
Two minutes later, requests per second increased to 46 million, but customers are now safe and continue to operate.
The attack went away in 69 minutes, probably because it was thwarted by Google Cloud Armor and didn’t have the desired effect.
Regarding the post-mortem analysis of this security incident, Google said
In addition to the unexpectedly high traffic, the attack had other notable characteristics. The attack had 5256 source IPs from 132 countries. As you can see in Figure 2 above, the top 4 countries contributed about 31% of the total attack traffic.
The attack leverages encrypted requests (HTTPS), which would require additional computing resources to generate. While terminating encryption is necessary to inspect traffic and effectively mitigate attacks, using HTTP Pipelining requires Google to complete relatively few TLS handshakes.
About 22% (1,169) of the source IPs corresponded to Tor exit nodes, although requests from these nodes accounted for only 3% of attack traffic. While we believe that Tor’s participation in attacks is accidental due to the nature of vulnerable services, even at 3% of the peak (greater than 1.3 million rps), our analysis shows that Tor exit nodes can send large amounts of undesired traffic to Web applications and services.
- DIY a PBX (Phone System) on Raspberry Pi
- How to host multiple websites on Raspberry Pi 3/4?
- A Free Intercom/Paging system with Raspberry pi and old Android phones
- DIY project: How to use Raspberry Pi to build DNS server?
- Raspberry Pi project : How to use Raspberry Pi to build git server?
