back to article Google blocks third record-breaking DDoS attack in as many months

Google says it has blocked the largest ever HTTPS-based distributed-denial-of-service (DDoS) attack in June, which peaked at 46 million requests per second. To put things in perspective, this is about 76 percent larger than the previous record DDoS attack that Cloudflare thwarted earlier that same month. As Googlers Emil …

  1. Snake Silver badge

    Signature

    Interesting that they mention that they could identify the "malicious signature" yet never bother to name it.

    1. Version 1.0 Silver badge
      Facepalm

      Re: Signature

      All that's happening is that the attacks are being blocked, not stopped. So they are just going to become normal in the future - the current Internet design effectively "permits" this sort of thing because the Internet was setup to guarantee communications, not control them. So all we can do is try and block this sort of thing unless we work to replace the Internet with a new form of communication that is much harder to abuse. That would not be easy to do.

      1. veti Silver badge

        Re: Signature

        Not entirely true. The story mentions that when the attack is effectively blocked, the attackers purposely drop it rather than burn resources on something futile.

        The attackers are clearly exploring the Internet's current best defences, presumably hoping to find weaknesses. But in the process they are also sharing information about their own resources and tactics, which can be used by the defenders. The longer an attack goes on, the more data it reveals about the attackers.

  2. Ken Moorhouse Silver badge

    46 million requests per second.

    Will Google be able to cope with a really big news story?

    I mean really big.

    I'd better not give examples as they might appear near the top of Google if or when they did occur. Can't have TheReg fending off a DOS of its own can we?

    1. veti Silver badge

      Re: 46 million requests per second.

      46 million requests per second is enough to serve every Internet-enabled device in the world in less than two minutes. I'd love to know what sort of news story you think would significantly exceed that rate with legitimate traffic.

      1. Ken Moorhouse Silver badge

        Re: 46 million requests per second.

        Kennedy's assassination, the death of Diana, Princess of Wales and 9-11 are three randomly selected historical events which, if the internet were at the level it is today, would have arguably stress tested it.

        "Legitimate traffic" is a baseline, how much algo traffic would sit on top of that?

        I can think of at least three event categories that would send search traffic through the roof.

        1. jmch Silver badge

          Re: 46 million requests per second.

          Even with events like these and even in a hyperconnected world, it takes a few minutes/hours for the news to spread. And even if, after that, every single person in the world is looking out for news (unlikely), and even if they are all looking for news from the exact same source (scarcely believable), they still would not be hitting 'refresh' every second.

          46 million requests per second is probably 1 or 2 orders of magnitude more than even the most widespread massive global news story could generate.

          Incidentally, Lady Di's death, while surely obsessed over by the UK press and tabloids, is of a far far lesser significance than the other 2 events you mentioned, if you're thinking about global events.

  3. Anonymous Coward
    Anonymous Coward

    "Expense" means someone is paying for it - does that mean it not being generated by coordinated malware running under innocent noses?

    1. AVR Bronze badge

      Possibly it's DDoS as a service, and someone was paying to have this company harassed.

      Which could be generated as you describe, but the service provider doesn't want to run it for too long for fear of burning their resources as the actual owners of the devices find out.

  4. Anonymous Coward
    Anonymous Coward

    Someone outside the tent

    Pissing in

    Da?

  5. Kevin McMurtrie Silver badge

    Distraction?

    My own computers have been blocking lots of SSH attacks from Google's 34.x.x.x and 35.x.x.x networks since August 16th. I'm not sure if that's from account take-over attacks hidden under the DDoS or if Google is just taking the next step to their Yahoo-like demise.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like