Unfortunately, DDoS attacks are increasingly common these days. They are used by a myriad of people. They can be hackers who want to make a statement, governments wishing to censor their citizens' internet browsing, or just criminals trying to blackmail online shops.
While there are ways to mitigate smaller attacks through various services, those that surpass 100Gbps often result in outages across websites. Hackers are finding more and more techniques for DDoS attacks on top of the already existing ones.
As a result, DDoS attacks have drastically risen in size and scope over the last decade. Here are the five largest attacks in recent history.
1. GitHub (2015)
GitHub is a repository for public code, and in 2015 they were hit by the largest DDoS attack in their history.
Two pages were a target of this attack, GreatFire and the Chinese version of the New York Times, and both were regarding projects that are designed to combat censorship in China. The malicious code has been traced back to China, even to the Chinese government, as the instigator of the attack. The origin of the code was China Unicom which has aided the Great Firewall of China, a censorship organization, in the past. Throughout the period of the attack, GitHub experienced outages across its entire network, not just the two targeted pages.
2. BBC (2015)
On New Year's Eve of 2015, the BBC was hit with what was thought to be the largest DDoS attack in history.
The BBC's entire domain including its on-demand television and radio player were down for three hours and continued to have issues for the remainder of the day. The attack was claimed by a group called the New World Hackers who state they were using the attack as a "test of power." They also claimed attacking at a rate of 600Gbps, but this size was later proven to be false.
3. Spamhaus (2013)
The attack on the Dutch anti-spam website stood as the largest DDoS attack in history for some time topping out at 400Gbps. While the scale of this attack was large enough to wreak havoc across Spamhaus' network, the real issue arose when the attackers changed their tactics and switched their focus.
They began to target CloudFlare (Spamhaus' security network) and CloudFlare's bandwith providers. This began a domino effect that resulted in slow service speed beyond Spamhaus and CloudFlare to the greater internet. One of the attackers was discovered to be a 13-year-old hacker for hire named Seth Nolan McDonagh. Due to its anti-spam and junk mail practices, Spamhaus is a common target for threats and attacks.
4. Unnamed CloudFlare Client (2014)
Topping out at 400Gbps, this DDoS was more than 33% greater than the Spamhaus attack. The customer target could not be named due to confidentiality agreements, but the attack was directed at servers in Europe. This attack was unique as the hackers exploited network time protocol (NTP) servers in order to slow response times.
5. Hong Kong (2014)
The largest DDoS attack in history was a result of political unrest as a part of Hong Kong's Occupy Central protests. An attack reaching 500Gbps was carried out against pro-democracy websites including independent news site Apple Daily and PopVote.
PopVote held an unofficial civil referendum to extend suffrage rights to Hong Kong. While many assume the suspect is the Chinese government, this is not necessarily certain. However, the attacker could be someone who is not sympathetic with the Hong Kong democracy movement or someone trying to make the Chinese government look bad.
DDoS attacks are constantly growing and changing, but you don't need to live in fear that you might be a target.
With AbuseHQ, we can help you and you can help others to make DDoS attacks less frightening for your network infrastructure. To see how we work with teams to improve customer trust and safety, click here for a Free 30-Day Trial.