Distributed Denial of Service (DDoS) attacks are severe cybersecurity threats that bring large amounts of traffic to a network. Hackers carry out these attacks to disrupt targeted users. Google is at the center of one of these online traffic jams, which is said to be the largest DDoS attack ever. The attack can have dire consequences for businesses around the world.
Thankfully, Google and other industry peers stopped the threat with different protocols and a new patch. Below is a breakdown of what business owners should know about the DDoS attack that Google blocked. Learn how this threat came about and what you can do to protect your business.
The Attack Is Significantly Larger Than Others Like It
According to Google, this DDoS attack is 7.5 times larger than the previous record-holder. The tech giant says that this attack, which began in August 2023, produced 398 million requests per second. By comparison, the second-largest attack on record garnered 46 million requests per second in 2022.
Aside from its sheer size, the attack has an alarming severity rating. It holds a Common Vulnerability Scoring System score of 7.5 out of 10 and poses major problems for Google and its customers.
Threat Actors Use the Rapid Reset Technique
How does one carry out such a substantial attack? Google claims that cybercriminals deployed what's known as the Rapid Reset technique. This method involves manipulating the HTTP/2 protocol stack in the following ways:
- A cybercriminal opens a large number of streams at once.
- The number of requests in flight causes network disruptions.
- Instead of waiting for a response to each stream request, the bad actor immediately cancels the request.
The geographic distribution and types of unsecured services this DDoS attack has matches the Meris family of attacks. Those previous attacks are known for abusing insecure proxies. The latest attack features encrypted requests (HTTPS) that require outside computing resources.
Google's Popular Web Applications Are Targets
The main reason for a DDoS attack is to overflow traffic to a particular service or network so people can't use it. What business owners should know about the DDoS attack that Google blocked is that many of their daily operations may not be possible if left unnoticed. The attackers targeted popular applications like Google's cloud infrastructure and a range of other web services, such as:
- Gmail
- Google Docs
- Google Calendar
- Google Workspace
Experts say the best way to mitigate the threat is to investigate all servers that run HTTP/2 and apply Google's new patch if vulnerable.
Stay Ahead of the Latest Cybersecurity Incidents
This post provides vital information regarding what business owners should know about the DDoS attack that Google blocked. Although Google and other industry leaders put an end to the attack, experts emphasize the importance of being proactive about cybersecurity. Reach out to our technology professionals for tips on boosting your cybersecurity and staying safe from hackers.