Google, Amazon thwart ‘largest DDoS attack’ in history: What is DDoS, why it is dangerous, how to stay safe online
Amazon, Google, and several other tech companies have reported detecting the largest distributed denial-of-service (DDoS) attacks to date in August and September. As explained by these companies, these attacks were facilitated by a newly discovered vulnerability known as CVE-2023-44487, which enabled threat actors to exploit the HTTP/2 protocol, a crucial component of the internet’s infrastructure
The attack targeted multiple websites and services, and peaked at over 46 million requests per second (RPS). This is equivalent to receiving all the daily requests to Wikipedia in just 10 seconds.
The attack was carried out using a newly discovered vulnerability in the HTTP/2 protocol, which is used by most websites today. The vulnerability allowed attackers to overwhelm servers using specially designed packets eventually making them unavailable to its intended users.
Google, Amazon, and other companies were able to mitigate the attack through a combination of techniques. In addition to Google and Amazon, other companies that have reported being targeted by the attack include Microsoft,Cloudfare and Netlify. It is not yet known who is responsible for the attack, or what their motive was.
“The attacks were largely stopped at the edge of our network by Google’s global load balancing infrastructure and did not lead to any outages. While the impact was minimal, Google’s DDoS Response Team reviewed the attacks and added additional protections to further mitigate similar attacks. In addition to Google’s internal response, we helped lead a coordinated disclosure process with industry partners to address the new HTTP/2 vector across the ecosystem,” Google wrote in a blog post.
What is a DDoS Attack?
DDoS attack is a kind of cyberattack aimed at making the online service or resource unavailable to its intended users. The cybercriminals achieve this by spamming the targets with fake requests and causing excessive traffic on the network. These attacks are initiated from a large network of infected computers (botnets) created by hackers.
How to protect yourself from DDoS attacks
There are a number of things that organisations can do to protect themselves from DDoS attacks, including:
Using a DDoS protection service: There are companies that provide DDoS protection services. These services can help to mitigate the impact of an attack by filtering out malicious traffic and redistributing traffic across multiple servers.
Implementing rate limiting: Rate limiting is a technique used to limit the number of requests that a server can receive per second. This can help to prevent attackers from causing traffic on server.
Using traffic filtering: Traffic filtering can be used to block malicious traffic, such as traffic from known botnets.
Load balancing: Load balancing can be used to distribute traffic across multiple servers. This can help to prevent a single server from being overwhelmed by an attack.