Google is reporting that a state-sponsored hacking group launched the biggest DDoS attack on record against the company back in Sept. 2017.
On Friday, Google’s cloud business disclosed the incident, which involved bombarding the company’s internet networks with a flood of traffic. The DDoS attack ran over a six-month campaign, peaking at 2.5Tbps in traffic.
The figure surpasses the 2.3Tbps assault Amazon’s cloud business AWS experienced this past February, which was previously thought to be the biggest DDoS attack on record.
According to Google’s security team, the 2.5Tbps DDoS against the company was traced back to a government-backed group that harnessed four internet service providers in China to send the flood of traffic.
A DDoS is designed to overwhelm a network, resulting in an outage that can slow or shut down access to a company’s websites. But despite the 2.5Tbps assault simultaneously targeting thousands of Google servers back in 2017, the “attack had no impact,” wrote company security engineer Damian Menscher in today’s blog post.
“The attacker used several networks to spoof 167 Mpps (millions of packets per second) to 180,000 exposed CLDAP, DNS, and SMTP servers, which would then send large responses to us,” he added. “This demonstrates the volumes a well-resourced attacker can achieve: This was four times larger than the record-breaking 623 Gbps attack from the Mirai botnet a year earlier.”
The company disclosed the incident while talking up its efforts to ensure Google’s cloud business remains protected from major DDoS attacks. Google has been analyzing the most significant DDoS attacks and concludes that traffic volumes have been growing exponentially. At the same time, the internet itself has been growing exponentially as well, giving companies more bandwidth to protect themselves from the attacks.
Menscher added that the company “reported thousands of vulnerable servers to their network providers” to prevent the hackers behind the 2.5Tbps DDoS from striking again.