The tech firm absorbed the massive 2.5Tbps of attack in September 2017. Google says that it was the highest bandwidth attack reported till date. The attack combined six culmination of a six-month campaign that used multiple methods to breach the system.
In a statement on Friday, Google said, “Despite simultaneously targeting thousands of our IPs, presumably in hopes of slipping past automated defences, the attack had no impact. This demonstrates the volumes a well-resourced attacker can achieve: This was four times larger than the record-breaking 623 Gbps attack from the Mirai botnet a year earlier. It remains the highest-bandwidth attack reported to date, leading to reduced confidence in the extrapolation.”
The attackers created a network to spoof 167mbps to 180,000 exposed CLDAP, SMTP and DNS servers. This was later used to send large responses to Google. The DDoS was planned hoping to disrupt the victim’s service with useless traffic.
Google believes that this attack doesn’t expose user data or lead to compromised systems. It would have resulted in an outage or loss of user trust.
The cybercriminals are constantly evolving the techniques that they use to carry out DDoS attacks. Some attacks don’t even focus on a specific target but they attack every IP in a network. The primary concern for all large tech companies is the create an infrastructure that can estimate and withstand any size of attacks in future.