DoS attackDoS attack

Definition
A type of attack that overloads the system with traffic to prevent legitimate users from accessing the cloud service

Prevention
Use traffic management tools and establish DDoS mitigation strategies

Real World Cloud Attack Examples

April 2015

magnitude of 1.2 terabits of traffic per second (TBps)

1.Two technical investigations claim that hackers who have access to China’s Internet backbone are responsible for the enormous denial-of-service attacks that have occasionally prevented GitHub from operating

2.for more than five days. As previously reported, millions of computer users both inside and outside of China continuously load and reload the two GitHub pages, creating an infinite loop that caused unabated outages across the whole GitHub network as well as the two targeted pages.  Every computer that is attacking the GitHub servers is running malicious code that secretly enlists it as a soldier in a vast DDoS army. https://arstechnica.com/information-technology/2015/03/massive-denial-of-service-attack-on-github-tied-to-chinese-government/

October 2016

magnitude of 1.2 terabits of traffic per second (TBps)

A significant percentage of the domain name system (DNS) infrastructure on the internet is managed by the servers of Dyn, a company.  This devastating attack caused downtime on a number of significant websites, including Airbnb, Netflix, PayPal, Visa, Amazon, The New York Times, Reddit, and GitHub.  According to Dyn, “100,000 malicious endpoints” linked to the Mirai Botnet were employed in the attack.

September 2017

magnitude of 2.54 terabits of traffic per second (TBps)

2017’s September saw the largest DDoS assault to date. Having a magnitude of 2.54 TBps, the attack concentrated on Google services. In October 2020, Google Cloud announced the hack.

February 2018

magnitude of 1.3 terabits of traffic per second (TBps)

One of the biggest verifiable DDoS attacks on record targeted GitHub, a well-known website for managing source code that is used by millions of developers. 126.9 million packets were sent per second during this attack, which had a throughput of 1.3 TBps.  The GitHub DDoS assault was a memcached DDoS assault, hence no botnets were involved. As an alternative, the attackers made use of memcached, a well-known database caching technique, and its amplifying impact.

February 2020

magnitude of 2.3 terabits of traffic per second (TBps)

In February 2020, AWS announced that it had stopped a significant DDoS attack. This attack generated 2.3 terabits of traffic per second (TBps) at its height. Which customer was the target of the attack? AWS wouldn’t say.

Denial of Service Attacks
Denial of Service Attacks