We live in an increasingly digital world, but one inevitable side effect of digitization is that the rate of cybercrime is on the rise. According to recent statistics, there were over 1,100 reported data breaches in 2020, and, based on the current trends, worldwide cybercrime is on track to exceed $6 trillion this year. Everyone can become a victim of cybercrime, and hackers can exploit any vulnerability to gain access to sensitive data: from the unsuspecting student who connects to the public Wi-Fi in a café to the small business owner who migrated consumer data to the cloud without taking the right security measures. And yet, the biggest and most publicized cyberattacks have always targeted big corporations, which goes to show that hackers love a good challenge and that a big budget doesn’t guarantee topmost security.
There are many types of cyberattacks, but one is particularly scary: the DDoS attack.
The biggest DDoS attacks targeted global enterprises and, even though they did not put them out of business, they did cause millions in losses and damaged consumer trust. While most DDoS attacks aren’t of this magnitude, even a small attack can have a huge impact, so it’s important to know just how serious things can get.
What are DDoS attacks, and what makes them so dangerous?
Distributed Denial of Service (DDoS) attacks are a type of cyberattack where hackers flood a web resource with numerous requests so that they exceed its capacity and prevent it from working properly. In most cases, DDoS attacks target businesses that provide online services, such as e-commerce websites, cloud service providers, finance websites, even Government agencies. The ultimate goal is to overwhelm the company’s web service until it can no longer function normally and regular users get a “denial of service.”
DDoS attacks are dangerous because they disrupt the company’s services. During a DDoS attack, normal user requests are heavily slowed or completely ignored, which causes huge losses and damages the company’s reputation. If multiple companies depend on the affected service, such as in the case of payment services, the ramifications are huge. Hackers can also demand money to stop the attack. Fortunately, DDoS attacks can be prevented, and their number has dropped significantly in the past five years.
What are the biggest DDoS attacks?
Cloudflare (2021)
In July 2021, web performance and security company Cloudflare announced in a blog post that it had successfully stopped the largest DDoS attack ever reported. Targeting one of the company’s finance clients, the attack sent 17.2 million requests per second and came from over 20,000 bots in 125 countries – that’s three times more than any other reported DDoS attack. It’s still unclear what favored the attack, but security experts suggested that compromised IoT devices could have been behind it. In the past few years, IoT adoption has spiked, and yet most of these devices remain unprotected, which offers hackers a back door into company systems.
Google Cloud (2017)
Before the Cloudflare incident, the largest reported DDoS attack was the one on Google Cloud. The attack took place in 2017, but it was only revealed to the public in 2020 and, according to Google’s official report, lasted over six months and reached 2.3Tbps in traffic. The attack was traced back to a state-sponsored hacking group in China and, as an answer to it, Google made available a new security tool: Cloud Armor Adaptive Protection, which uses machine learning for early detection. This is the same tool that Google uses to protect its servers.
Amazon Web Services (2020)
In the first half of 2020, Amazon Web Services said that it had to defend against a massive DDoS attack that reached a traffic volume of 2.3Tbps at its peak. At the time, it was the biggest DDoS attack ever recorded. AWS did not disclose the origin of the attack, nor which of its clients it targeted, but they did say that the hackers used a reflection attack – a technique that allows them to increase the amount of malicious traffic whilst concealing its source. AWS offered other insights about the attack in their 2020 Q1 threat report, emphasizing the importance of AWS Shield, firewalls, and early mitigation efforts. Most DDoS attacks are short-term and are only meant to test the victim’s security systems.
GitHub (2018)
GitHub’s DDoS attack in 2018 only lasted for about 20 minutes, but it peaked at 1.3TBps, sent packets at 126.9 million/second, and no botnets were involved. Users only noticed intermittent outages for around 10 minutes and, after that, GitHub relied on their DDoS mitigation service, which routed all the traffic coming in and out of the website, blocking malicious attempts. The story had a happy ending for GitHub, which had 31 million users at the time and could have taken a huge blow if the attack had lasted longer. Since the company provides Internet hosting for software development, even a several-hour downtime could have affected millions of businesses and impacted GitHub’s credibility.
Estonia (2007)
Estonia was the first country to build a paperless Government. At a time when all other countries still relied on paper and manual processes, Estonia made most of its state services available online. However, back in 2007, cybercriminals exploited the security vulnerabilities of these systems and launched a DDoS attack against the Government’s financial institutions, online services, and media websites. The attack was considered the first act of cyber warfare because it came as a response to the country’s decision to move a war memorial to the Soviet Red Army. The attack had a major impact on Estonian citizens, and its effects can still be felt today – following the attack, the first international laws on cyber warfare came into effect. The good news is the Estonian Government quickly bounced back after the DDoS attack, investing heavily in cybersecurity to prevent future attempts. Nowadays, 99% of Estonia’s government services are available online, which has dramatically reduced corruption. 45% of the population vote online and, because business registration is so seamless, Estonia is one of the biggest start-up hubs in the world.