Tech giants Google, Microsoft, Amazon, and Cloudflare have successfully mitigated a major Distributed Denial-of-Service (DDoS) cyberattack, which had the potential to disrupt these companies' services.
DDoS attacks involve cybercriminals overwhelming targeted servers with a series of data requests, rendering it impossible for legitimate web traffic to reach its destination and causing the servers to go offline.
In the respective blog entries of the four companies, they detailed a recently identified vulnerability called "HTTP/2 Rapid Reset," which makes web pages load faster by letting a website receive many requests at once through one connection.
These companies have since reported they would effectively address the situation by developing technology and implementing supplementary protection to mitigate the risk of similar attacks.
This August, Google stopped the largest DDoS attack to date, peaking above 398 million requests per second (rps)—7½ times larger than in August 2022.— Google Cloud (@googlecloud) October 11, 2023
Learn how we blocked the novel HTTP/2 “Rapid Reset” technique affecting multiple internet companies ↓https://t.co/zr5SGKFGF4
Google Received the Biggest DDoS Attack
According to Google, the attacks peaked in August with over 398 million requests per second, which accounted for more than seven times the size of any prior attack made in the previous years.
Additionally, the company said it only took two minutes to enact such an attack that "generated more requests than the total number of article views reported by Wikipedia during the entire month of September 2023."
Meanwhile, Cloudflare had an incredibly high point of 201 million requests in a single second, marking a new record for the company.
Amazon had the least number of requests, reaching a maximum of 155 million per second.
While Microsoft hasn't disclosed the numbers, the tech giant has since launched new Microsoft Security Updates on October 10 to address the issues.
Edited by Nikola Djuric