How Google stopped the ‘biggest-ever’ DDoS attack

Distributed denial-of-service (DDoS) attacks have grown exponentially in frequency and size over the past few years. Google Cloud Armor is a tool that enables users to protect their cloud environment from DDoS attacks. In June this year, a Google Cloud Armor customer was hit by the biggest-ever DDoS attack. In a blog post, the tech giant has explained the attack in detail and how Google stopped it.

What exactly happened?

On June 1, 2022, an attack of more than 10,000 requests per second (rps) began targeting a Google Cloud Armor customer. Eight minutes later, the attack grew to 100,000 requests per second. In the next two minutes, Google says, the attack grew from 100,000 rps to a peak of 46 million rps. This, the company says, is the largest Layer 7 DDoS reported to date, at least 76% larger than the previously reported record.

The attack also had noteworthy characteristics: 5,256 source IPs from 132 countries contributed to it. The geographic distribution and types of unsecured services used to generate the attack match the Mēris family of attacks, which abuses unsecured proxies to obfuscate the true origin of the attacks.

How did Google stop it?

Google says that the customer had already configured Adaptive Protection in their relevant Cloud Armor security policy. When the attack began, Adaptive Protection was able to detect the DDoS attack early in its life cycle. It analyzed the incoming traffic and generated an alert with a recommended protective rule.

“As a result, the customer acted on the alert by deploying the recommended rule leveraging Cloud Armor’s recently launched rate limiting capability to throttle the attack traffic,” the post states.

How to protect applications in the cloud?

In the blog post, Google recommends using a defense-in-depth strategy by deploying defenses and controls at multiple layers of your environment and your infrastructure providers’ network to protect your web applications and services from targeted web attacks. The strategy will include performing threat modeling, developing proactive and reactive strategies to protect them, and architecting applications with sufficient capacity to manage unanticipated increases in traffic volume.
