Google reveals that it has stopped a huge denial of service attack. This is the largest attack of its kind ever recorded to date in terms of requests per second.
There are world records that last for years before falling. For example, pole vaulting, held by Sergei Bubka between 1993 and 2014. In computing, on the other hand, things go much faster. Google announces that it has put an end to the largest DDoS attack, or collective attack by service saturation, never recorded to date. Let us first remember that this is an attack aimed at prevent a service from working by flooding it with millions of requests at the same time. No longer able to keep up with such a request, the server “crashes”.
The Moutain Wiew firm is not on its first try. In 2022, it already blocked a record attack with its 46 million requests per second (or rps) The company Cloudflare bid at the start of 2023 with 71 million requests per second for its services. Google was not going to let the title be stolen for long: we are now talking about the astronomical figure of 398 million rps, just that. More than 5 and a half times the attack that targeted CloudFlare.
Google thwarted an unprecedented massive denial of service attack
The cyberattack, which lasted 2 minutes, “generated more queries than the total number of article views reported by Wikipedia during the entire month of September 2023” explains Google. This gives an idea of the scale of the phenomenon. Its detection begins at the end of August. The company then contacts its partners in order to collectively put in place measures so that the attack does not affect users. With success.
The investigation shows that the hackers used a new technique called “Fast Reset, which exploits stream multiplexing, a feature of the widely adopted HTTP/2 protocol.” Google has already implemented additional protections and updated its defense systems to ensure that it is more vulnerable to this type of attack in the future. At least until the next record.
Source: Google