Google recently thwarted an unprecedented Distributed Denial of Service (DDoS) attack, setting a new benchmark in cybersecurity. In August, the company faced an onslaught of 398 million requests per second, an intensity 7.5 times greater than the previous record, underscoring the evolving threats posed by malicious actors.
The New Rapid Reset Technique
The attackers used a new technique known as Rapid Reset, which leverages stream multiplexing, a key feature of the HTTP/2 protocol. This technique accounts for the remarkable scale of the attack: in just two minutes, it generated more queries than the number of Wikipedia articles read throughout the entire month of September 2023.
Safeguarding Critical Infrastructure
This wave of attacks commenced in late August and continues to target significant infrastructure providers, including Google’s services, Google Cloud network, and its customers. Google’s robust global load distribution infrastructure played a pivotal role in maintaining the functionality of its services. Additionally, the company collaborated with industry partners to identify attack mechanisms and develop effective mitigation strategies.
Identifying Vulnerabilities in HTTP/2 Protocol
During the attack, Google identified a vulnerability in the HTTP/2 protocol, which was assigned CVE-2023-44487 and carries a severity rating of 7.5 out of 10. This vulnerability is what made the Rapid Reset technique possible. Google advises administrators of HTTP/2 servers to ensure that patches addressing CVE-2023-44487 are installed promptly.
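Alongside patching, operators can watch for the traffic pattern behind CVE-2023-44487, in which a client cancels the streams it opens on a single connection in large numbers. The following is an added example, not code from Google or from the original article: it parses the client-to-server HTTP/2 frames of one connection and flags it when client cancellations pass a threshold. The function names, thresholds and sample traffic are assumptions constructed for illustration.

```python
import struct

# HTTP/2 frame types (RFC 9113, section 6)
HEADERS, RST_STREAM = 0x1, 0x3
PREFACE = b"PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n"

def frame(ftype, stream_id, payload=b"", flags=0):
    """Build one HTTP/2 frame: 24-bit length, type, flags, 31-bit stream id."""
    return struct.pack(">I", len(payload))[1:] + bytes([ftype, flags]) + \
        struct.pack(">I", stream_id & 0x7FFFFFFF) + payload

def parse_frames(data):
    """Yield (type, flags, stream_id, payload) from client-to-server bytes."""
    pos = len(PREFACE) if data.startswith(PREFACE) else 0
    while pos + 9 <= len(data):
        length = int.from_bytes(data[pos:pos + 3], "big")
        ftype, flags = data[pos + 3], data[pos + 4]
        stream_id = int.from_bytes(data[pos + 5:pos + 9], "big") & 0x7FFFFFFF
        if pos + 9 + length > len(data):
            break  # truncated capture: stop rather than misparse
        yield ftype, flags, stream_id, data[pos + 9:pos + 9 + length]
        pos += 9 + length

def assess_connection(data, max_resets=100, max_ratio=0.5):
    """Count client-opened streams and client-side cancellations.
    Thresholds are illustrative assumptions, not values from any vendor."""
    opened, cancelled = set(), set()
    for ftype, _flags, sid, _payload in parse_frames(data):
        if ftype == HEADERS and sid % 2 == 1:   # client streams are odd
            opened.add(sid)
        elif ftype == RST_STREAM and sid in opened:
            cancelled.add(sid)
    ratio = len(cancelled) / len(opened) if opened else 0.0
    suspicious = len(cancelled) > max_resets and ratio > max_ratio
    return {"opened": len(opened), "cancelled": len(cancelled),
            "ratio": ratio, "suspicious": suspicious}

# Constructed sample traffic (not a real capture).
CANCEL = struct.pack(">I", 0x8)  # RST_STREAM error code CANCEL
def sample(n_streams, n_reset):
    out = PREFACE
    for i in range(n_streams):
        sid = 2 * i + 1
        out += frame(HEADERS, sid, b"\x82", flags=0x5)  # END_STREAM|END_HEADERS
        if i < n_reset:
            out += frame(RST_STREAM, sid, CANCEL)
    return out

if __name__ == "__main__":
    print(assess_connection(sample(200, 5)))      # few cancellations
    print(assess_connection(sample(1000, 1000)))  # every stream cancelled
```

In production the same counters would be kept per connection inside the server or proxy and evaluated over a time window, so that a flagged connection can be closed.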
NIX Solutions concludes that Google’s successful defense against the historic DDoS attack highlights the importance of proactive collaboration and vigilant security measures in the face of evolving cyber threats.