Security News > 2020 > October > Nation-state actor hit Google with the largest DDoS attack
The actor targeted thousands of Google IP addresses at the same time and used several attack methods in a campaign that span across multiple months.
Google did not attribute the attack to a particular actor but said that the bad UDP packets hurled at its systems came from devices using several Chinese internet service providers.
In an analysis of DDoS trends over the last years, Damian Menscher, a Security Reliability Engineer for Google Cloud, said that the attack occurred in September 2017 and used 180,000 exposed CLDAP, DNS, and SMTP servers to amplify responses directed at Google.
Menscher says that the size of the attack, which is the largest ever disclosed publicly, shows "The volumes a well-resourced attacker can achieve," noting that it was four times larger than the Mirai DDoS attack that shook the internet in 2016.
Google warns that while its report shows the scale of past and current DDoS attacks and can help predict the size of future ones, defenses must be over-provisioned so they can withstand attacks of unexpected sizes.
News URL
Related news
- New Eleven11bot botnet infects 86,000 devices for DDoS attacks (source)
- Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- DDoS Attacks Now Key Weapons in Geopolitical Conflicts, NETSCOUT Warns (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Phishers abuse Google OAuth to spoof Google in DKIM replay attack (source)