By Ilan Meller
Published June 13, 2016
Distributed Denial of Service (DDoS) is a common attack method used by hacker groups and individuals to severely hamper or shut down an organization’s online services, causing both monetary and reputational losses. Whereas DDoS attacks have been common since the late 2000s, attack sizes have increased significantly in the past few years. New protocol exploits and amplification attacks have become too large for most organizations to combat without the support of a cloud-based DDoS scrubbing service. In 2013, it was reported that Spamhaus services were brought down “thanks” to a 300 Gbps attack; then, in 2014, an attack peaking at 400 Gbps was recorded. However, the world’s largest DDoS attack in history (with records to prove it) was captured in 2015 with a peak of 500 Gbps.
An interesting story was published in multiple media channels in January this year when a group calling itself New World Hacking said it initiated a successful 602 Gbps DDoS attack, targeting BBC websites. However, even while the group was marketing itself and its supposed largest DDoS attack in history, there was no real evidence of such an attack. The group claimed it used Amazon's cloud service to conduct the attack and it “programmed a bypass linked to proxies” so monitoring firms “wouldn't detect it, anyway.” A source with direct technical knowledge of Amazon's systems and internal processes, who did not want to be named as he or she was not authorized to speak on the record, dismissed the allegation, saying that it “doesn't line up” with how Amazon's cloud services work.
Around the same time that New World Hacking went public with its story, the F5 Security Operations Center (SOC) started seeing an increase in volumetric DDoS attacks. The F5 SOC has already mitigated ten ongoing attacks that peaked north of 100 Gbps in 2016, four over 200 Gbps, and two over 400 Gbps.