fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Google Blocks Largest HTTPS DDoS Attack ‘reported to date’

Google Blocks Largest HTTPS DDoS Attack ‘reported to date’

A Google Cloud Armor customer was hit with a distributed denial-of-service (DDoS) attack over the HTTPS protocol that reached 46 million requests per second (RPS), making it the largest ever recorded of its kind.

In just two minutes, the attack escalated from 100,000 RPS to a record-breaking 46 million RPS, almost 80% more than the previous record, an HTTPS DDoS of 26 million RPS that Cloudflare mitigated in June.

Assault lasted 69 minutes

The attack started on the morning of June 1, at 09:45 Pacific Time, and targeted the victim’s HTTP/S Load Balancer initially with just 10,000 RPS.

Also Read: Cybersecurity in 2022: What businesses should know

In eight minutes, the attack intensified to 100,000 RPS and Google’s Cloud Armor Protection kicked in by generating an alert and signatures based on certain data pulled from traffic analysis.

Two minutes later, the attack peaked at 46 million requests per second:

Record-breaking HTTPS DDoS attack peaks at 26 million RPS
HTTPS DDoS attack peaks at 46 million requests per second
source: Google

To put into perspective how massive the attack was at its peak, Google says that it was the equivalent of getting all the daily requests to Wikipedia in just 10 seconds.

Luckily, the customer had already deployed the recommended rule from Cloud Armor allowing operations to run normally. The assault ended 69 minutes after it started.

“Presumably the attacker likely determined they were not having the desired impact while incurring significant expenses to execute the attack,” reads a report from Google’s Emil Kiner (Senior Product Manager) and Satya Konduru (Technical Lead)

The malware behind the attack has yet to be determined but the geographic distribution of the services used points to a Mēris, a botnet responsible for DDoS attacks peaking at 17.2 million RPS and 21.8 million RPS, both record-breaking at their time.

Also Read: Exploring the dangers of game scams on children

Mēris is known for using unsecured proxies to send out bad traffic, in an attempt to hide the origin of the attack.

Google researchers say that the attack traffic came from just 5,256 IP addresses spread in 132 countries and leveraged encrypted requests (HTTPS), indicating that the devices sending the requests have rather strong computing resources.

“Although terminating the encryption was necessary to inspect the traffic and effectively mitigate the attack, the use of HTTP Pipelining required Google to complete relatively few TLS handshakes.”

Another characteristic of the attack is the use of Tor exit nodes to deliver the traffic. Although close to 22% or 1,169 of the sources channeled the requests through the Tor network, they accounted for just 3% of the attack traffic.

Despite this, Google researchers believe that Tor exit nodes could be used to deliver “a significant amount of unwelcome traffic to web applications and services.”

Starting last year, an era of record-breaking volumetric DDoS attacks started with a few botnets leveraging a small number of powerful devices to hit various targets.

In September 2021, Mēris botnet hammered Russian internet giant Yandex with an attack peaking at 21.8 million requests per second. Previously, the same botnet pushed 17.2 million RPS against a Cloudflare customer.

Last November, Microsoft’s Azure DDoS protection platform mitigated a massive 3.47 terabits per second attack with a packet rate of 340 million packets per second (pps) for a custmer in Asia.

Another Cloudflare customer was hit with DDoS reaching 26 million RPS.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us