Industry Top 10 Most Harmful Denial-of-service (DDoS) Attack Event According to Size

DDoS attacks have been growing in size over the last few years. Do you know just how large the biggesever recorded were? We’ve created an infographic that showcases the Top 10 DDoS attacks in history, and illustrates just why it might be time for a new approach to DDoS mitigation.

DDoS attacks are becoming much larger, more frequent and more sophisticated than seen previously. As attacks worsen, they take down companies’ network infrastructure and badly affect their reputation – as well as being very costly to repair. In reverse order, here is a rundown of the industry’s Top Ten most harmful DDoS attacks according to size:

Industry Top 10 Most Harmful Denial-of-service (DDoS) Attack Event According to Size. Source: Nokia
Industry Top 10 Most Harmful Denial-of-service (DDoS) Attack Event According to Size. Source: Nokia

Spamhaus | 2013

300 Gbps
In at no. 10 is the 2013 attack against Spamhaus, which was overloaded with 300 gigabits of traffic per second, knocking its website and part of its email services offline. As an anti-spam organization, the company is targeted frequently.

Cloudflare | 2014

400 Gbps
The 9th most harmful attack was directed at the security provider Cloudflare in 2014. The powerful NTP amplification attack was originally aimed at a customer, but managed to take down Cloudflare’s whole network using a mirroring technique.

Occupy Central | 2014

500 Gbps
The Hong-Kong Occupy campaign was hit by a massive 500 Gbps attack after its launch in 2014. The attackers targeted not only Occupy Central’s web hosting services, but two other associated sites too.

BBC | 2016

602 Gbps
On New Year’s Eve, 2016, the BBC’s websites were swamped and taken down for several hours. The attackers, New World Hacking, claimed to be testing their server power.

Krebs on Security | 2016

620 Gbps
American journalist and reporter Brian Krebs’ website suffered an attack almost twice the size of anything it had previously experienced in September 2016. Luckily, attempts to knock KrebsonSecurity.com offline did not succeed.

Imperva | 2016

650 Gbps
This 2016 Leet botnet attack was the first of its kind, attacking the cybersecurity software company Imperva with a whopping 650 Gbps. A second attempt only lasted 17 minutes but was able to flood more than 150 million packets per second.

OVH | 2016

1 Tbps
At no.4 is the barrage that targeted cloud hosting company OVH in September 2016. Significantly more powerful than the Imperva attack, it was the largest seen at the time, comprising more than 150,000 IoT devices.

DYN | 2016

1.2 Tbps
DNS provider DYN was hit by a huge cyberattack in 2016, taking down major websites like Twitter, Amazon and The Guardian with it. The attack was reportedly commanded by the malware code Mirai, with the affected website Mashable warning, “this is just the beginning for these types of attacks”.

GitHub | 2018

1.35 Tbps
GitHub was hit by a record-breaking attack in February 2018, with an onslaught of traffic at 1.35 terabits per second. This time attackers used Memcached servers to amplify the attack using a spoofed IP address.

Anonymous | 2018

1.7 Tbps
Just five days later, GitHub’s unwanted record was broken. An unnamed US service provider suffered a 1.7Tbps attack. Its defenses fortunately proved strong enough to prevent any outages, but not everybody is so well prepared.

Having robust network protection against the ever-growing size, sophistication and frequency of DDoS attacks is more important than ever. At Nokia, we’re experts in arming our customers against harmful attacks. Our 360-degree, insight-driven and inline approach to DDoS mitigation makes the network the first line of defense. It avoids over use of costly security scrubbing centers and can reduce DDoS mitigation costs by as much as 85%.

Source: Nokia