Last week, Google faced a rather unprecedented attack on one of its Cloud Armor customers. The tech giant detailed in a blog post how it thwarted the biggest DDoS attacked. Here are all the details:
What is a DDoS attack?
According to cybersecurity firm Kaspersky, Distributed Network Attacks are often referred to as Distributed Denial of Service (DDoS) attacks. “This type of attack takes advantage of the specific capacity limits that apply to any network resources – such as the infrastructure that enables a company’s website,” says Kaspersky. The DDoS attack will send multiple requests to the attacked web resource – with the aim of exceeding the website’s capacity to handle multiple requests and thus prevent the website from functioning correctly. Generally, DDoS attacks target e-commerce platforms or businesses that provide online services.
What sort of attack did Google face?
In a blog post, Google said that back on June 1, a Google Cloud Armor customer was targeted with a series of HTTPS DDoS attacks which peaked at 46 million requests per second. As per Google, this is the largest Layer 7 DDoS reported to date. “To give a sense of the scale of the attack, that is like receiving all the daily to Wikipedia in just 10 seconds,” notes Satya Konduru, Technical Lead, Google in the blog post. There were 5,256 source IPs from 132 countries contributing to the attack.
What is Google Cloud Armor?
Google Cloud Armor is a network security service that provides protection against DDoS and application attacks. Google Cloud Armor features some automatic protections and some that you need to configure manually. The subscription plans for Google Cloud Armor start at $3,000 per month and is useful for enterprise customers.
How did Google stop the attack?
Google said that the attack was stopped at the edge of Google’s network, with the malicious requests blocked upstream from the customer’s application. “Before the attack started, the customer had already configured Adaptive Protection in their relevant Cloud Armor security policy to learn and establish a baseline model of the normal traffic patterns for their service,” notes Google in the blog post. Adaptive Protection was able to detect the DDoS attack early in its life cycle, analyze its incoming traffic, and generate an alert with a recommended protective rule–all before the attack ramped up.
What should one do to keep themselves protected from such attacks?
Google does warn users that the attack sizes will continue to grow and tactics will continue to evolve. “To be prepared, Google recommends using a defense-in-depth strategy by deploying defenses and controls at multiple layers of your environment and your infrastructure providers’ network to protect your web applications and services from targeted web attacks,” says Google in the blog post.
FacebookTwitterInstagramKOO APPYOUTUBE
