The Google Cloud team revealed late last week that it was attacked by DDoS in September 2017, targeting service Google and reached 2,54 Tbps, making it the largest DDoS attack ever recorded.
The Google Threat Analysis Team (TAG), Google security team analyzing high-level threat groups, said the attack was carried out by state hackers. In particular, the TAG investigators stated that behind the attack is the China, as it comes from the network of four service providers Internet of the Asian country (ASNs 4134, 4837, 58453 and 9394).
Damian Menscher, security engineer at Google Cloud, said the 2,54 Tbps attack was the culmination of six months campaign which used many methods of attack to disrupt Google's infrastructure server. However, Menscher did not provide further information on which services were targeted in this campaign. This attack is four times larger than the 623 Gbps attack carried out by Mirai botnet a year earlier, in 2016. In addition, this attack is larger than the 2,3 Tbps DDoS attack aimed at its infrastructure Amazon AWS in February this year.
Although Google kept the attack secret for three years, it has now revealed the security incident for various reasons. In particular, the Google TAG team wanted to raise public awareness of the growing tendency of government hackers to disrupt their DDoS targets. attacks.
The Google Cloud team also wanted to warn and prepare users about the fact that DDoS attacks are expected to intensify significantly in the coming years, as internet bandwidth also increases.
In a report released last Wednesday, data center company Equinix forecast an increase of about 45% (~ 16.300 + Tbps) in global internet bandwidth by 2023.