Google Cloud is the service where products such as Drive, Photos, among others, are derived. This service has been updated over the years to offer the best to its users. One of the things that they have always placed a lot of emphasis on is security. Thanks to this, a few days ago, they managed to block the largest DDoS attack to date. Know all the details with the following lines.
The largest DDoS attack to date was directed against Google Cloud
First, you have to understand that DDoS attacks seek to use all the bandwidth of the server that is being attacked. However, the latest DDoS attacks have shown a slight change; these are known as volumetric attacks as they seek to consume all the CPU and RAM resources of the target server. This is achieved by simultaneously creating requests from different IPs in different countries.
The magnitude of the attack against Google Cloud left experts surprised, but it is an escalation that has been witnessed since last year. Even 2 months earlier, another big attack against Cloudflare, a major player in the net infrastructure, had already been observed. They managed to block an attack of 26 million requests per second, and last year they had already faced one of 17.2 requests.
However, the attack against Google Cloud recorded a total of 46 million requests per second, which is equivalent to all the connections made to Wikipedia per day. Another way to put it is the following: it’d be as if all the users of a medium-sized country are connected to the same page in one second. As they explain on their blog:
“The attack was stopped at the edge of Google’s network, with the malicious requests blocked upstream from the customer’s application. Before the attack started, the customer had already configured Adaptive Protection in their relevant Cloud Armor security policy to learn and establish a baseline model of the normal traffic patterns for their service.
As a result, Adaptive Protection was able to detect the DDoS attack early in its life cycle, analyze its incoming traffic, and generate an alert with a recommended protective rule–all before the attack ramped up. The customer acted on the alert by deploying the recommended rule leveraging Cloud Armor’s recently launched rate limiting capability to throttle the attack traffic. They chose the ‘throttle’ action over a ‘deny’ action in order to reduce the chance of impact on legitimate traffic while severely limiting the attack capability by dropping most of the attack volume at Google’s network edge.”
This attack showed how well Cloud Armor works and how Google increasingly specializes in cybersecurity to offer the best services for its users. Now it only remains to see what the next attack will be or if it will keep its crown for a long time.
Keep in touch with our blog to read the latest news and innovations in the cybersecurity world.
Photo by ÇAĞIN KARGI on Unsplash.
Facebook: Eagle Tech Corp
LinkedIn: Eagle Tech
YouTube: Eagle Tech Corp