DDoS (distributed denial of service) assaults are becoming commonplace. A DDoS assault may impede or disable a company’s online services—email, webpages, anything that addresses the internet—whether it be a tiny non-profit or a giant global company. DDoS attacks today, which may target the most important clients, pose a danger to the network and service availability for all tenants, subscribers, and clients of data centers, colocation facilities, hosting companies, and other service providers.
The Top 5 Notable DDoS Attacks Today.
We’re going to look at some of the most well-known DDoS Attacks to date to give you an idea of what these attacks are like “in the wild.” Our selections include some DDoS Attacks that are renowned for their enormous size, while others are chosen due to their significance and results.
1. The AWS DDoS assault in 2020.
Amazon Web Services, the 800-pound gorilla of things cloud computing, was targeted by a huge DDoS Attack in February 2020. This was the most intense DDoS assault in recent history and it targeted an anonymous AWS client using a method dubbed Connectionless Lightweight Directory Access Protocol (CLDAP) Reflection. This approach depends on weak third-party CLDAP servers and amplifies the quantity of data delivered to the victim’s IP address by 56 to 70 times.
The onslaught continued for three days and peaked at an incredible 2.3 gigabytes per second. While the disruption caused by the AWS DDoS Assault was considerably less serious than it might have been, the sheer volume of the attack and the ramifications for AWS hosting clients possibly losing income and suffering brand harm are substantial.
2. The DDoS attacks MiraiKrebs and OVH in 2016.
On September 20, 2016, a DDoS attack exceeding 620 Gbps, which was at the time the most powerful attack ever witnessed, was launched against cybersecurity expert Brian Krebs’ site. Since July 2012, Krebs has logged 269 DDoS assaults, but this one was almost three times larger than anything he or the internet has ever seen.
The Mirai botnet, which at its height later that year included over 600,000 hacked Internet of Things (IoT) devices including IP cameras, home routers, and video players, served as the attack’s main point of origin. Although Mirai had been found in August of the same year, the assault on Krebs’ blog marked its public debut.
On September 19, the second Mirai assault targeted OVH, one of the biggest European hosting companies, which hosts almost 18 million apps for more than one million customers. This assault, which lasted for around seven days and targeted a single, unnamed OVH client, was carried out by an estimated 145,000 bots and produced traffic loads of up to 1.1 terabits per second. The Mirai botnet marked a substantial improvement in the potency of a DDoS assault. The Mirai network’s magnitude and complexity, as well as the scope and concentration of the assaults, were unprecedented.
3. 2016’s MiraiDyn DDoS assault.
Before discussing the third noteworthy Mirai DDoS assault of 2016, it is important to note the following linked event: The Mirai DDoS platform has been copied and altered several times since September 30, when someone claiming to be the creator of the Mirai malware posted the source code on different hacker forums.
A one terabit per second traffic deluge against Dyn, a significant Domain Name Service (DNS) provider, on October 21, 2016, set a new record for a DDoS attack. The DDoS assault may have really reached a pace of 1.5 terabits per second, according to some information. Numerous well-known websites, including GitHub, HBO, Twitter, Reddit, PayPal, Netflix, and Airbnb were unavailable after the traffic tsunami knocked Dyn’s services down. “We detected tens of millions of unique IP addresses connected with the Mirai botnet that were part of the assault,” said Kyle York, chief strategy officer at Dyn.
Mitigation is challenging since Mirai allows sophisticated, multi-vector assaults. Even though Mirai was behind the largest attacks up to that point, the 2016 Mirai attacks were significant for the release of the Mirai source code, which allowed anybody with basic computer skills to easily build a botnet and launch a Distributed Denial of Service attack.
4. The 2012 DDoS assault on six institutions.
Six U.S. banks—Bank of America, JPMorgan Chase, U.S. Bank, Citigroup, Wells Fargo, and PNC Bank—were the targets of a DDoS assault wave on March 12, 2012. Each assault generated approximately 60 gigabits of DDoS attack traffic per second and was carried out by hundreds of servers that had been taken over from the Brobot botnet.
These assaults were notable for their perseverance at the time since the attackers bombarded their targets with a variety of attack strategies before settling on one that was successful. Therefore, even if a bank had the tools to handle certain forms of DDoS assaults, they were unable to stop other kinds of attacks.
The suspected involvement of the Izz ad-Din al-Qassam Brigades, the military branch of the Palestinian Hamas movement, in the 2012 bank assaults was their most notable feature. The assaults also had a significant effect on the impacted institutions’ income, mitigation costs, customer service concerns, branding, and image.
5. The 2018 GitHub assault
The software development platform GitHub was subjected to a DDoS assault on February 28, 2018, that peaked at 1.35 terabits per second and lasted for around 20 minutes.
The traffic might be linked to “over a thousand separate autonomous systems (ASNs) over tens of thousands of unique endpoints,” according to GitHub.
GitHub’s defenses were overpowered even though they were well-prepared for a DDoS assault; they had no means of anticipating that such a large-scale attack would be conducted.
The GitHub DDoS assault was significant for its size as well as the fact that it was carried out by abusing a Memcached standard command, a database caching technology used to speed up networks and websites. The Memcached DDoS attack approach is extremely powerful because it offers an amplification factor of up to an astounding 51,200 times—the ratio of the attacker’s request size to the quantity of DDoS attack traffic produced.
Our ranking of the top five has now come to an end. An eye-opening realization of how potent, persistent, and disruptive DDoS assaults have grown, this is.
iTechwares can protect your business from getting hacked and DDoS attacks. We also can analyze your website and system to find out the reason, source, and severity of your website if this gets a DDoS attack.