Distributed Denial of Service: 5 Biggest Attacks of the Last Decade

Rahul Bagdai
By Rahul Bagdai
8 Min Read

The number of breaches and total records exposed per breach continue to grow. Globally, there was a 776% growth in attacks between 100 Gbps and 400 Gbps Y/Y from 2018 to 2019, and the total number of DDoS attacks will double from 7.9 million in 2018 to 15.4 million by 2023,” reported Cisco Annual Internet Report (2018–2023) White Paper. That means cyberattacks are growing — rapidly.

Among the rising online threats, DDoS attacks are one of the critical threats. The reason being these attacks are hardly detected and mitigated until it is too late. Then, you and your organization must suffer its aftermath — damage to your networks and systems, your organization’s business and reputation, etc.

Fortunately, there are abundant solutions to prepare mitigation plans for such threats. However, these solutions are not employed by every organization.

So, the question arises: why do organizations do to avoid and mitigate DDoS attacks?

There are various reasons, but the primary reason is the lack of awareness. Most organizations believe they are too small or unpopular for DDoS attacks. Also, some organizations underestimate the danger. That said, let’s check the worst attacks in the last decade to understand the criticality of DDoS attacks. But first, let’s get to know Distributed Denial of Service (and Denial of Service too).

What is Distributed Denial of Service?

Distributed Denial of Service (DDoS), as its name suggests, is a distributed form of denial of service attack. This raises the question: what is Denial of Service?

Denial of Service (DoS) is a cyberattack in which the attacker plans to disrupt the service of a computer or network resource, making it unavailable to its real users. The result: the computer or network resource or service is unavailable for an indefinite or temporary period to its users, which further makes them disbelieve and distrust the resource or service, damaging the business.

A DoS attack utilizes the bottleneck problem. You must know that every digital resource (online or offline) is limited by its set of resources. For example, if your flash drive has the capacity of 4GB, then you cannot copy or load a Blu-ray version of your favorite movie onto it, i.e., it is limited by its resources.

Similarly, a web server (or website) is limited by its resources. A DoS attack plans to subdue the web server by overusing its resources by sending more web requests than the feasible number of requests for its set of resources. That is the attackers try to overload the system, which ceases to work further. Finally, legitimate or real users receive errors when accessing the web server.

If you understand DoS, the meaning of DDoS gets clear. DDoS is the distributed or massive form of DoS in which the attackers send the web requests from many devices or locations — thousands to millions of compromised devices. That is why it is hard to detect and mitigate DDoS attacks since the requests pretend legitimate and arrive from different devices with varied IPs.

According to Cisco, “infrastructure outages also continue to be a threat with over half of operators experiencing this issue. Amplification attackers, who have tools for carrying out a DDoS attack, exploit vulnerabilities in the network and compute resources. Security vendors continue to make sure these attacks are financially unviable for the cybercriminals.” For example, the FBI shut down 15 of the largest DDoS-for-hire services in December 2018, making it financially unviable. Later, DDoS attacks showed an overall downward trend in 2019, per Cisco.

5 Biggest DDoS Attacks of 2010-2019

1. Unnamed (2018)

An unnamed service provider in the US and a client of NETSCOUT was hit by DDoS attack on 5th March, which combinedly sent 1.7 terabits per second of traffic to the service provider. The attack utilized Memcached — a popular memory-caching system — to accomplish the biggest DDoS attack to date.

Though NETSCOUT did not disclose the name of its service provider, the victim provider must be big and popular, seeing the magnitude of the attack.

2.  GitHub (2018)

GitHub — the largest code repository (now acquired by Microsoft) — allows developers to host the source code of their software. GitHub experienced and survived one of the biggest attacks on its platform on 28th February.

On Wednesday, at about 12:15 pm EST, 1.35 terabits per second of traffic hit the developer platform GitHub all at once. It was the most powerful distributed denial of service attack recorded to date—and it used an increasingly popular DDoS method, no botnet required,” according to WIRED. GitHub survived the attack thanks to its anti-DDoS provider, which detected and mitigated the attack.

3. Dyn (2016)

Dyn — a web performance and application security company (now acquired in Oracle) — helps developers and organizations to monitor, control, and optimize online infrastructure. Dyn — especially its DNS service — experienced one of the worst DDoS attacks in history, disrupting its services for a complete day.

It was a devastating and disruptive attack that disrupted the services from organizations using Dyn’s DNS. The list included popular names such as Airbnb, Amazon, GitHub, Netflix, PayPal, Reddit, Visa, and The New York Times. At its highest point, the attack sent around 1.2 terabits per second of traffic.

4. OVH (2016)

OVH — a web hosting provider based in France — allows developers and web admins to host their applications and websites. Octave Klaba, the founder and CTO of OVH, tweeted on 21st September that his company was hit with DDoS attacks, which sent more than 1 terabits per second of traffic to OVH.

He claimed that the DDoS attacks were performed by compromised IoT devices like cameras, digital video recorders, and more. Fortunately, OVH survived.

5. GitHub (2015)

GitHub — the popular code hosting platform — was the victim of yet another one of the biggest attacks in history. The attack is said to be politically motivated, seeing the attack targeted two repositories aiming at bypassing the Great Firewall of China (state-sponsored and monitored censorship in China).

The DDoS traffic originated in China, which furthers the doubt that the Chinese Government might have supervised the biggest DDoS attack of the time.

Share This Article
Follow:
Rahul is a technology passionate, looking forward to imparting the spectrum of his insight and verdicts on the 'gadget world' of today. He plans to take TrueTech forward with the consistent support from you readers, friends and family!
Leave a Comment

The number of breaches and total records exposed per breach continue to grow. Globally, there was a 776% growth in attacks between 100 Gbps and 400 Gbps Y/Y from 2018 to 2019, and the total number of DDoS attacks will double from 7.9 million in 2018 to 15.4 million by 2023,” reported Cisco Annual Internet Report (2018–2023) White Paper. That means cyberattacks are growing — rapidly.

Among the rising online threats, DDoS attacks are one of the critical threats. The reason being these attacks are hardly detected and mitigated until it is too late. Then, you and your organization must suffer its aftermath — damage to your networks and systems, your organization’s business and reputation, etc.

Fortunately, there are abundant solutions to prepare mitigation plans for such threats. However, these solutions are not employed by every organization.

So, the question arises: why do organizations do to avoid and mitigate DDoS attacks?

There are various reasons, but the primary reason is the lack of awareness. Most organizations believe they are too small or unpopular for DDoS attacks. Also, some organizations underestimate the danger. That said, let’s check the worst attacks in the last decade to understand the criticality of DDoS attacks. But first, let’s get to know Distributed Denial of Service (and Denial of Service too).

What is Distributed Denial of Service?

Distributed Denial of Service (DDoS), as its name suggests, is a distributed form of denial of service attack. This raises the question: what is Denial of Service?

Denial of Service (DoS) is a cyberattack in which the attacker plans to disrupt the service of a computer or network resource, making it unavailable to its real users. The result: the computer or network resource or service is unavailable for an indefinite or temporary period to its users, which further makes them disbelieve and distrust the resource or service, damaging the business.

A DoS attack utilizes the bottleneck problem. You must know that every digital resource (online or offline) is limited by its set of resources. For example, if your flash drive has the capacity of 4GB, then you cannot copy or load a Blu-ray version of your favorite movie onto it, i.e., it is limited by its resources.

Similarly, a web server (or website) is limited by its resources. A DoS attack plans to subdue the web server by overusing its resources by sending more web requests than the feasible number of requests for its set of resources. That is the attackers try to overload the system, which ceases to work further. Finally, legitimate or real users receive errors when accessing the web server.

If you understand DoS, the meaning of DDoS gets clear. DDoS is the distributed or massive form of DoS in which the attackers send the web requests from many devices or locations — thousands to millions of compromised devices. That is why it is hard to detect and mitigate DDoS attacks since the requests pretend legitimate and arrive from different devices with varied IPs.

According to Cisco, “infrastructure outages also continue to be a threat with over half of operators experiencing this issue. Amplification attackers, who have tools for carrying out a DDoS attack, exploit vulnerabilities in the network and compute resources. Security vendors continue to make sure these attacks are financially unviable for the cybercriminals.” For example, the FBI shut down 15 of the largest DDoS-for-hire services in December 2018, making it financially unviable. Later, DDoS attacks showed an overall downward trend in 2019, per Cisco.

5 Biggest DDoS Attacks of 2010-2019

1. Unnamed (2018)

An unnamed service provider in the US and a client of NETSCOUT was hit by DDoS attack on 5th March, which combinedly sent 1.7 terabits per second of traffic to the service provider. The attack utilized Memcached — a popular memory-caching system — to accomplish the biggest DDoS attack to date.

Though NETSCOUT did not disclose the name of its service provider, the victim provider must be big and popular, seeing the magnitude of the attack.

2.  GitHub (2018)

GitHub — the largest code repository (now acquired by Microsoft) — allows developers to host the source code of their software. GitHub experienced and survived one of the biggest attacks on its platform on 28th February.

On Wednesday, at about 12:15 pm EST, 1.35 terabits per second of traffic hit the developer platform GitHub all at once. It was the most powerful distributed denial of service attack recorded to date—and it used an increasingly popular DDoS method, no botnet required,” according to WIRED. GitHub survived the attack thanks to its anti-DDoS provider, which detected and mitigated the attack.

3. Dyn (2016)

Dyn — a web performance and application security company (now acquired in Oracle) — helps developers and organizations to monitor, control, and optimize online infrastructure. Dyn — especially its DNS service — experienced one of the worst DDoS attacks in history, disrupting its services for a complete day.

It was a devastating and disruptive attack that disrupted the services from organizations using Dyn’s DNS. The list included popular names such as Airbnb, Amazon, GitHub, Netflix, PayPal, Reddit, Visa, and The New York Times. At its highest point, the attack sent around 1.2 terabits per second of traffic.

4. OVH (2016)

OVH — a web hosting provider based in France — allows developers and web admins to host their applications and websites. Octave Klaba, the founder and CTO of OVH, tweeted on 21st September that his company was hit with DDoS attacks, which sent more than 1 terabits per second of traffic to OVH.

He claimed that the DDoS attacks were performed by compromised IoT devices like cameras, digital video recorders, and more. Fortunately, OVH survived.

5. GitHub (2015)

GitHub — the popular code hosting platform — was the victim of yet another one of the biggest attacks in history. The attack is said to be politically motivated, seeing the attack targeted two repositories aiming at bypassing the Great Firewall of China (state-sponsored and monitored censorship in China).

The DDoS traffic originated in China, which furthers the doubt that the Chinese Government might have supervised the biggest DDoS attack of the time.

Share This Article
Follow:
Rahul is a technology passionate, looking forward to imparting the spectrum of his insight and verdicts on the 'gadget world' of today. He plans to take TrueTech forward with the consistent support from you readers, friends and family!
Leave a Comment