Contact Us:
CheapDeveloper » Webmaster » Articles » 8 Biggest DDoS Attacks in History

8 Biggest DDoS Attacks in History

05 December 2021, Sunday By Victoria Frolova

The main purpose of a DDoS attack is to make the target resource inaccessible to ordinary users. Attackers send a huge number of requests to services and websites. Those do not withstand the load and stop responding. 

Botnets are commonly used to carry out DDoS attacks. These are networks of tens of thousands of infected devices. The power of botnets used for attacks is constantly increasing. The number of attacks themselves is growing - for example, according to Rostelecom's estimates, Russian companies were attacked 2.5 times more often in 3 quarters of 2021 than in the same period in 2020.

Below are examples of the biggest DDoS attacks in history, from which large corporations and entire countries have suffered.

8 Biggest DDoS Attacks in History

1. 2007 - cyberattacks on Estonia

Attack power: Unknown.

Consequences: trade suffered - there were problems with cash registers, payment equipment, systems malfunctioned. The cybercriminals practically disabled the electronic mail services, and the information transmission channels were clogged with spam. 

There is no comprehensive information about the attack power. But another thing is striking - the time of activity of the attackers. For about 3 weeks, the botnets sent out huge volumes of spam, flooding the Estonian network with requests. 

2007 cyberattacks on Estonia

2. 2012 - American banks attacked

Attack power: 60 Gbps.

Consequences: 6 banks came under fire at once - Bank of America, JPMorgan Chase, US Bank, Citigroup, Wells Fargo and PNC Bank. The attackers used different methods to check which type of attack the banks were least protected from. 

3. 2016 - numerous attacks by the Mirai botnet

Attack power: 623 Gbps to 1.1 Tbps.

Consequences: On September 20, 2016, the website of cybersecurity specialist Brian Krebs was attacked. 

In October, Dyn, a major DNS provider, was attacked. Due to the increased load, a number of popular sites fell along with Dyn: GitHub, HBO, Twitter, Reddit, PayPal, Netflix and Airbnb.

attacks by the Mirai botnet

The source of these attacks was the Mirai botnet, which at its peak included 60,000 compromised IoT devices, in particular cameras and routers. Botnet activity was recorded up to 2017.

4. 2017 - attacked Google 

Attack power: 2.54 Tbps.

Impact: Google services worked without interruptions, user data was not affected.

This is the most powerful DDoS attack in history to date. According to Google Threat Analysis Group (TAG), China was the source of the attack. Analysts blamed "government hackers" for it.

The 2.54 Tbps attack was the culmination of a six-month campaign against Google. For 6 months, the attackers used various methods in an attempt to undermine the operation of the corporation's infrastructure.

Google experts kept the incident a secret until 2020. They decided to publicize the attack in order to draw attention to the increasing cases of attacks by government hackers, as well as to the increase in the power of botnets. 

5. 2018 - attacked GitHub

Attack power: 1.35 Tbps.

Consequences: the service slowed down by about 4 minutes, it was disabled for another 5 minutes. Then the attackers stopped their actions.

CDN provider Akamai helped to cope with the influx of junk traffic on GitHub. After the attack, administrators admitted that the attackers exploited security holes in the site itself. To generate traffic, a large botnet was not needed - it was enough to put pressure on the vulnerabilities of Memcached servers.

2018 - attacked GitHub

6. 2020 - attacked Amazon Web Services client

Attack power: 2.3 Tbps.

Consequence: The exact information was not disclosed. AWS estimates that every minute of downtime costs the business $5,600, but this figure may vary by region and business.

The attack lasted 3 days. However, AWS customers have not experienced major service outages.

7. August 2021 - attacked one of the Microsoft Azure customers

Attack power: 2.4 Tbps.

Consequence: no exact information. Microsoft said the attack lasted 9 minutes and was carried out by approximately 70,000 devices from the Asia-Pacific region. Hosts from Malaysia, Vietnam, Taiwan, Japan, China, USA were seen.

8. September 2021 - Yandex attacked

Attack power: 21.8 million requests per second at the peak.

Consequences: Despite its scale, the attack did not affect Yandex services. User data was not affected either. 

A few days after the attack, Yandex published in a blog on some of the results of an investigation that the company was conducting together with colleagues from Qrator Labs. 

It follows from the material that specialists, back in June 2021, began to notice signs of a new type of botnet with several hundred thousand devices. Researchers associate it with the largest attacks, which were recorded in New Zealand, the United States and Russia in August/September 2021.

According to StormWall, the number of DDoS attacks has grown exponentially, especially after the outbreak of the pandemic, when companies began to actively go online. Now attacks are recorded not only on large services, but also on small resources.


Read also:

Add a comment
Comments (0)