Internet companies Google, Amazon, and Cloudflare say they have weathered the internet’s largest-known denial of service attack and are sounding the alarm over a new technique they warn could easily cause widespread disruption. Alphabet Inc-owned Google (GOOGL.O) said in a blog post published Tuesday that its cloud services had parried an avalanche of rogue traffic more than seven times the size of the previous record-breaking attack it thwarted last year when its defenses filtered through more than two terabits per second of data.
This latest avalanche of bogus data overwhelmed servers operated by the three companies and made it difficult for legitimate web traffic to get through. The companies did not identify the origin of the attack, which began in late August and was ongoing.
A DDoS is one of the simplest types of cyber attack, and its plan is straightforward: overwhelm targeted servers by barraging them with millions of bogus requests for data. That blocks legitimate web traffic and renders the site unavailable to users. The new attack was aimed at Google, Amazon, and Cloudflare’s defense systems.
While these companies did not disclose who was behind the attack, experts say they likely have reason to believe a state actor launched it. State-sponsored groups, including Russia and Iran, have launched many DDoS attacks. Some can hurt real businesses, such as the 2016 attack that disrupted domain name service provider Dyn and hit scores of high-profile websites.
Google and Cloudflare reported that the latest attack exploited a zero-day vulnerability called “HTTP/2 Rapid Reset.” It exposes servers to rogue requests by abusing a feature meant to stop repeated attempts to send data. At its peak, the attack racked up more than 398 million requests per second.
The attack was more than ten times larger than the previous record-setting DDoS, which lasted for two minutes and generated 46 million requests per second, Google said. It was also more than seven times the size of the most significant attack thwarted by Cloudflare last year.
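In HTTP/2 terms, the abused feature is stream cancellation: a client opens a stream with HEADERS and cancels it at once with RST_STREAM, so a server can defend itself by counting quick client cancellations per connection and dropping connections that exceed a budget. The sketch below is an added example, not code from Google, Amazon or Cloudflare; the thresholds, the event tuple format and the sample traffic are constructed assumptions.

```python
from collections import defaultdict, deque

# Thresholds are assumptions for this sketch, not values from any vendor.
WINDOW_S = 1.0         # sliding window length in seconds
MAX_RESETS = 100       # rapid client cancellations tolerated per window
QUICK_CANCEL_S = 0.05  # HEADERS -> RST_STREAM gap treated as "rapid"


def flag_rapid_reset(events):
    """Return {conn_id: time flagged} for connections whose client cancels
    freshly opened streams more than MAX_RESETS times within WINDOW_S.
    events: time-ordered (timestamp, conn_id, frame_type, stream_id) tuples
    describing client-sent frames only.
    """
    opened = defaultdict(dict)   # conn -> {stream_id: time the stream opened}
    resets = defaultdict(deque)  # conn -> timestamps of rapid cancellations
    flagged = {}
    for ts, conn, ftype, sid in events:
        if conn in flagged:
            continue  # a real server would have sent GOAWAY and closed here
        if ftype == "HEADERS":
            opened[conn][sid] = ts
        elif ftype == "RST_STREAM":
            t_open = opened[conn].pop(sid, None)
            if t_open is None or ts - t_open > QUICK_CANCEL_S:
                continue  # unknown stream, or an ordinary late cancel
            q = resets[conn]
            q.append(ts)
            while q and ts - q[0] > WINDOW_S:
                q.popleft()  # forget cancellations older than the window
            if len(q) > MAX_RESETS:
                flagged[conn] = ts
    return flagged


def constructed_events():
    """Constructed sample: conn 'A' browses normally, conn 'B' opens and cancels."""
    ev = []
    for i in range(20):  # A: 20 requests over 2 s
        ev.append((i * 0.1, "A", "HEADERS", 2 * i + 1))
    ev.append((0.3, "A", "RST_STREAM", 1))  # one cancel, 300 ms after opening
    for i in range(500):  # B: 500 streams in 0.5 s, each reset 0.5 ms later
        t = i * 0.001
        ev.append((t, "B", "HEADERS", 2 * i + 1))
        ev.append((t + 0.0005, "B", "RST_STREAM", 2 * i + 1))
    return sorted(ev, key=lambda e: e[0])


if __name__ == "__main__":
    print(flag_rapid_reset(constructed_events()))
```

Connection B is flagged on its 101st rapid cancellation, long before it finishes its 500 streams, while the single late cancel on connection A never counts against it.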
The attackers could generate such massive amounts of bogus data because they could commandeer so many internet-connected devices infected with malware known as Mirai. It allowed attackers to create a botnet, which they used to trap dozens of major internet infrastructure providers and disrupt hundreds of well-known sites.
This is the latest in a series of large-scale attacks, which are growing in frequency and intensity and lasting longer. Searches for DDoS on Google have risen steadily since 2020 and jumped sharply in June when Amazon said it had handled a DDoS that peaked at 2.47 Tbps. While such high-throughput attacks are sporadic, they illustrate the increasing sophistication of hackers, who can assemble vast fleets of compromised machines to deliver bursts of data so large that small businesses could not cope with them.