Google announced it has fended off the largest ever HTTPS-based Distributed Denial of Service (DDoS) attack, which peaked at 46 million requests per second. According to Google, the DDoS attack was quickly detected and stopped at the edge of Google’s network, and the customer that was attacked was not impacted.
On June 1, 2022, starting 9:45 AM PDT, a Google Cloud Armor customer was targeted with a series of HTTPS DDoS attacks which peaked at 46 million requests per second. To give a sense of the scale of the attack, that is like receiving all the daily requests to Wikipedia (one of the top 10 trafficked websites in the world) in just 10 seconds.
Cloud Armor Adaptive Protection was able to detect and analyze the traffic early in the attack lifecycle. Cloud Armor alerted the customer with a recommended protective rule which was then deployed before the attack ramped up to its full magnitude. Cloud Armor blocked the attack ensuring the customer’s service stayed online and continued serving their end-users.
“There were 5,256 source IPs from 132 countries contributing to the attack. Approximately 22% (1,169) of the source IPs corresponded to Tor exit nodes.”
The attack lasted 69 minutes, ending at 10:54 AM PDT.
Read more about it here.