• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Network Security, News

Google Says Company Mitigated 2.5 Tbps DDoS Attack, Largest Ever

Google says it was the target of a massive 2.5 Tbps DDoS attack in September 2017, the highest bandwidth attack ever reported.

October 21, 2020 Zachary Comeau Leave a Comment

Google says it was the target of a massive 2.5 Tbps DDoS attack in September 2017, the highest bandwidth attack ever reported.

In a blog post exploring the growth of distributed denial-of-service (DDoS) attacks, Google revealed that it was the target of a six-month campaign that utilized multiple methods of attack.

“Despite simultaneously targeting thousands of our IPs, presumably in hopes of slipping past automated defenses, the attack had no impact,” wrote Damian Menscher, a Google security reliability engineer, in the blog.

“The attacker used several networks to spoof 167 Mpps (millions of packets per second) to 180,000 exposed CLDAP, DNS, and SMTP servers, which would then send large responses to us. This demonstrates the volumes a well-resourced attacker can achieve.”

According to Menscher, that attack was four times larger than the “record-breaking 623 Gbps attack from the Mirai botnet” last year, and is also the highest-bandwidth attack reported to date.

In a separate post, the company said its security team measured the attack, which appears to be from several Chinese ISPs.

Read Next: Microsoft: Russia, China, Iran Targeting US Elections

The attack is even larger than a 2.3 Tbps DDoS attack on Amazon in February, which was then thought to be the largest such cyberattack ever recorded. Amazon didn’t identify the targeted customer.

It caused three days of elevated threat during a single week in February, according to Amazon.

Google’s disclosure comes as the company is warning IT teams – particularly those close to political groups and elections – that cyber attacks are increasing as global events like the COVID-19 pandemic and campaign season present golden opportunities for state actors and hackers.

Google in June announced it detected phishing attacks against staffers for both the Biden and Trump campaigns by Chinese and Iranian actors. Attackers used targeted malware campaigns, python-based implants using Dropbox and an impersonation of antivirus software McAfee.

“Overall, we’ve seen increased attention on the threats posed by APTs in the context of the U.S. election,” wrote Shane Huntley of Google’s Threat Analysis Group, in a blog post.

“U.S government agencies have warned about different threat actors, and we’ve worked closely with those agencies and others in the tech industry to share leads and intelligence about what we’re seeing across the ecosystem. This has resulted in action on our platforms, as well as others. Shortly after the U.S. Treasury sanctioned Ukrainian Parliament member Andrii Derkach for attempting to influence the U.S. electoral process, we removed 14 Google accounts that were linked to him.”

Tagged With: Cybersecurity, ddos, Google

Related Content:

  • Video Production, Enterprise IT Modernizing Video Applications in Enterprise Environments
  • Zero Trust, ZTNA, Syxsense Syxsense Unveils New Module for Zero Trust Compliance
  • Insider Risk, cyber risk, insurance, cybersecurity GlobalData GlobalData: Cybersecurity Revenue in Insurance Set to Grow…
  • This Week in IT, IT News This Week in IT: Google Meet, Cisco Attack,…

Free downloadable guide you may like:

  • Shadow ITBlueprint Series: How to Reduce Shadow IT

    The distributed work model gives employees the flexibility they demand, but it can lead to shadow IT and introduce unnecessary security risk. Research finds that this distributed work environment is leading to IT management blind spots and shadow IT.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Shadow IT
Blueprint Series: How to Reduce Shadow IT

The distributed work model gives employees the flexibility they demand, but it can lead to shadow IT and introduce unnecessary security risk. Resea...

Hybrid Work webinar
Featured Webcast: Collaboration 2.0 — Where Are We Now?

In this webinar, subject matter experts discuss the transformation of the workplace, the rise of hybrid workers, the importance of open connectivit...

guide to end user training cover
Pro Tips for Conducting End User Training

Effective trainings are the glue that can make the difference following a new technology implementation that your team has spent so much time, effo...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2022 Emerald X, LLC. All rights reserved.