Google just prevented the largest DDoS attack ever

Distributed Denial of Service (DDoS) attacks have long been an issue for tech companies, considering they are easy to manufacture. Now, according to a new report from Google, the company recently stopped the largest DDoS attack ever, with a peak of 398 million requests per second (rps), significantly surpassing last year’s record of 46 million rps.

“For a sense of scale, this two-minute attack generated more requests than the total number of article views reported by Wikipedia during the entire month of September 2023,” said Google.

How did the attack work?

For those who are unfamiliar with DDoS attacks, they involve threat actors overwhelming a server with internet traffic to prevent users from accessing connected online services and websites.

According to the report, the DDoS attack began in August, targeting major providers, including Google’s services and Google Cloud, as well as their clients, using a new technique known as “Rapid Reset.” This technique involves the use of multiple HTTP/2 connections, with requests and resets happening rapidly in succession. This overwhelms the targeted systems by generating logs for requests that are promptly reset or cancelled. However, it is important to note that the threat actors exploited the vulnerability CVE-2023-44487 in the protocol stack to carry out the attack.

While Google was the most affected, threat actors also targeted companies like CloudFlare, which defended against a 201 million RPS attack, and Amazon Web Services (AWS), which repelled a 155 million RPS assault.

Response to the attack

In response to the attacks, all three companies collaborated and shared information to develop patches and mitigation techniques. Additionally, Google has informed business providers to check for the vulnerability in their systems and urged them to promptly apply the relevant patch. Furthermore, recognizing that most companies lack the resources to fend off such attacks, there are calls to invest in robust network DDoS defence services.

“We were able to mitigate the attack at the edge of Google’s network, leveraging our significant investment in edge capacity to ensure our services and our customers’ services remained largely unaffected,” reads Google’s blog post.