The Internet is a land with plenty of opportunities, where the most innovative seeds (businesses) can grow really big! But, unfortunately, the coin has two sides. And this is also a land with many risks, where survival is not easy. There are already many predators to be aware of, like the bloody DDoS attacks.
Let’s have a look at the largest DDoS attacks in history.
2012. Targets: JP Morgan Chase, Bank of America, U.S. Bank, Citigroup, Wells Fargo, PNC Bank.
Due to a video where Prophet Muhammed was supposed to be mocked, a group of attackers demanded its removal from YouTube through a simultaneous attack against these six American banks. First, they hijacked hundreds of servers. Then, they attacked every server with different techniques to weaken banks’ defenses until they finally fell down. Each attack generated more than 60 gigabits of DDoS traffic per second—a record for its time.
2016. Target: Dyn, international DNS provider.
The weapon used in this attack was the Mirai malware. A very large and rare botnet (at that time) was generated. Instead of computers, it was created out of thousands of infected Internet of Things (IoT). Approximately 600,000 IoTs (mostly routers and security cameras) were infected in the highest attack’s point, becoming traffic sources. All were commanded to send requests to the Dyn servers to flood them and to shut them down.
This attack was massive! It red flagged IoTs vulnerabilities, and it affected Dyn’s clients like Amazon, Visa, GitHub, Netflix, PayPal, Airbnb, and more.
2017. Target: Google, an international company of Internet services and products.
This was not an isolated attack but an attack campaign that lasted six months. Google’s attackers enable a really powerful DDoS attack by using different networks to send spoofed data packets to 180,000 connection-less lightweight directory access protocol (CLDAP), domain name system (DNS), and simple mail transfer protocol servers. The purpose was clear, to generate really astonishing traffic loads, millions of data packets per second, and direct them to thousands of Google’s servers, to overwhelm them and take them down. Google’s security team said this attack was four times larger than the powerful Mirai botnet attack executed in 2016.
2019. Target: Imperva, international cyber security software and services company.
In 2019, Imperva had a double challenge to fight back two powerful DDoS attacks. An SYN flood attack, where criminals repeatedly send SYN packets to each port on their victim (server) through the use of a forged IP address. Consumption of resources to respond to all requests make the system unavailable to legit users.
The first SYN attack to flood Imperva’s servers was 500 million data packets per second, and the next one was 580 million packets per second. Besides, the size of the packets was scary too. Each one was from 800 to 900 bytes. At that moment, the largest application layer attack.
2020. Target: Amazon Web Services, on-demand cloud computing, and application programming interfaces provider.
Criminals attacking AWS took advantage of a vulnerability related to the connection-less lightweight directory access protocol (CLDAP).
Again, what called the attention was the power to produce really massive traffic for overwhelming the victim’s servers. At its highest point, the volume was 2.3 Tbps! This was an absolute milestone for the criminal side!
Suggested article: DDoS protected DNS service – Why is it important?
Unfortunately, DDoS attacks won’t be stopped easily or soon, so the victim’s list will grow. Every time, attacks show the investment of more technical resources and more power. To get involved with history must be useful to be aware and to prevent this danger. Be cautious, don’t overestimate your luck!