According to Google, cybersecurity threats such as distributed denial of service (DDoS) are growing exponentially, disrupting businesses of all sizes around the world, losing their trust and shutting them down.
The tech giant revealed in September 2017 that its infrastructure had absorbed a large 2.5Tbps DDoS. This was the highest bandwidth attack ever reported and was the culmination of a six-month campaign using multiple attack methods.
“Even though we targeted thousands of IPs at the same time, perhaps hoping to evade automated defenses, the attack had no effect,” Google said in a statement on Friday.
The attacker used several networks to spoof 167 Mbps (millions of packets per second) to 180,000 public CLDAP, DNS, and SMTP servers and sent a large response to Google.
“This shows the amount that an attacker with sufficient resources can achieve. This was four times the record 623 Gbps attack from the Mirai botnet a year ago. This is so far. It’s the highest bandwidth attack reported and leads to less reliability. Extrapolation, “the company said.
With a DDoS attack, an attacker wants to disrupt the victim’s service with a flood of useless traffic. This attack does not expose user data and does not lead to compromise, but if not mitigated quickly, it can lead to outages and loss of user trust. Attackers are constantly developing new technologies to destroy the system.
“Some attacks can’t even focus on a specific target, but instead attack all IPs in the network. Multiplying the diversity of infrastructure that needs to be defended against dozens of attack types. , There are endless possibilities, “said Google.
According to the company, the main task is to determine the capacity required to withstand the largest DDoS attacks for each key indicator.
“We can estimate the expected size of future attacks, but we need to be prepared for unforeseen circumstances and overprovision defenses accordingly.”
The company recently announced Cloud Armor Managed Protection, which allows users to further simplify deployment, control costs, and mitigate overall DDoS and application security risks.
Google said it is working with others in the Internet community to identify and dismantle the infrastructure used to launch the attack.