The Biggest DDoS Attacks in History
In our blog, we’ve already talked about what a DDoS attack is, how a DDoS attack is created, the main types, and most importantly, what methods are used to protect against them.
We recommend reading the introductory article “DDoS Attack: What It Is And How To Trace A DDoS Attack?” first to make sure you understand the main principle of such attacks.
However, today we would like to recall the most famous and powerful attacks in history. As the proverb says: “Learn history so that it doesn’t happen again.” Or at least so that you know what to do in a given situation.
So today, we’ll consider a list of the biggest and most unexpected DDoS attacks in history.
DDoS in the last century
In the early 1990s, DDoS in the form of the SYN flood technique (sending “garbage” requests to the operating system to establish a TCP connection) was arcane knowledge. It was passed on by word of mouth and used mostly for mischievous purposes, without much success or resonance.
It was not until 1996 that the CERT Coordination Center at Carnegie Mellon University published recommendations to counter the SYN flood, thus officially recognizing the problem.
The reason was the first large-scale attack on the largest Internet provider in New York — Panix Networks. It was a commercial attack organized by spammers. They took revenge on Panix for not allowing them to send junk advertising messages to users.
In 1996, a set of free tools with source code for DDoS implementation was published for the first time. These tools were tested two years later at the University of Michigan when the second major DDoS attack took place.
Here’s an interesting fact: the University of Michigan is located in Ann Arbor, where Arbor Networks (one of the leading manufacturers of equipment for countering DDoS) came from. The company’s history began with several research papers written at this university in the wake of the sensational attack.
In 2000, a 15-year-old hiding under the nickname MafiaBoy took down the most visited sites in the world at that time: eBay, CNN, Dell, Yahoo, Amazon, etc. The online community was in a panic. It seemed that the Internet Apocalypse was coming.
It was at the time the largest DDoS attack in history.
The Internet, as you can see, is not broken. The industry has learned to resist hackers.
But already in 2001, the technique of the attacks was greatly improved. The first serious application-level attacks were launched. In such an attack, a request was sent to a network resource containing a vulnerability (an “amplifier”). That server then replicated the request many times over and redirected the result to the victim’s resource.
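An added example (not part of the original article) of how a defender at the victim's network edge can recognise the replicated traffic described above: replies that match no request the protected host ever sent. The flow-record format, addresses, ports and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (src_ip, src_port, dst_ip, dst_port, payload_bytes), in time order.
# 203.0.113.10 is the protected host; all addresses are documentation ranges.
FLOWS = [
    ("203.0.113.10", 40001, "198.51.100.1", 53, 60),    # host asks a resolver
    ("198.51.100.1", 53, "203.0.113.10", 40001, 180),   # solicited answer
    ("192.0.2.11", 53, "203.0.113.10", 31337, 3200),    # never requested
    ("192.0.2.12", 53, "203.0.113.10", 31337, 3100),    # never requested
    ("192.0.2.13", 53, "203.0.113.10", 31337, 3300),    # never requested
    ("192.0.2.14", 123, "203.0.113.10", 5000, 440),     # single stray reply
]

def find_reflected_traffic(flows, protected, min_sources=3, min_bytes=5000):
    """Return {(victim, service_port): stats} for floods of unsolicited replies."""
    outstanding = set()  # requests that protected hosts really sent
    stats = defaultdict(lambda: {"sources": set(), "bytes": 0})
    for src, sport, dst, dport, size in flows:
        if src in protected:
            outstanding.add((src, sport, dst, dport))
        elif dst in protected:
            if (dst, dport, src, sport) in outstanding:
                continue  # reply matches a request we sent: legitimate
            entry = stats[(dst, sport)]
            entry["sources"].add(src)
            entry["bytes"] += size
    # Report only when many distinct servers send a large unsolicited volume,
    # so that one stray or late reply does not raise an alert.
    return {
        key: {"sources": sorted(e["sources"]), "bytes": e["bytes"]}
        for key, e in stats.items()
        if len(e["sources"]) >= min_sources and e["bytes"] >= min_bytes
    }

if __name__ == "__main__":
    hits = find_reflected_traffic(FLOWS, {"203.0.113.10"})
    for (victim, port), e in hits.items():
        print(f"{victim}: {e['bytes']} unsolicited bytes from port {port} "
              f"via {len(e['sources'])} reflectors")
```
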
In 2003, DDoS reached Russia, bringing an attack on MasterHost, the largest website hosting provider in the country at that time.
In 2004, Cisco Systems acquired the Israeli developer of attack prevention tools Riverhead Networks. Thanks to this purchase, it created the first successful commercial product for fighting DDoS: Cisco Guard.
A serious arms race began, and the criminal DDoS market was finally formed — with hacker coalitions, competitive wars, and fabulous earnings.
The scale of attacks began to increase exponentially: in 2010, the speed of the most powerful attack exceeded 100 Gbit/s; in 2013 it was 300 Gbit/s. In 2016, there were confirmed reports of attacks exceeding one Tbit/s.
The biggest DDoS attacks in history
Estonia in April 2007
Following official Moscow, representatives of Russian pro-government youth movements were outraged by the transfer of the “Bronze Soldier in Tallinn”, a World War II monument, from Tallinn’s center to the military cemetery. Simultaneously with information campaigns on the internet (which activists called “blasphemy”) and a series of street actions, a flurry of DDoS attacks hit the websites of publications, banks, and departments in Estonia.
Powerful DDoS attacks on the Estonian Internet only fueled the protest. The population of Estonia, which at that time was considered almost the most Internet-connected in the world, was periodically left without access to government resources, online publications, and the websites of banks and organizations for almost three weeks.
War in Georgia: DDoS as a weapon
In the course of the conflict in South Ossetia, pro-Russian hackers again supported official Moscow’s position. Their Georgian counterparts responded in kind; the parties tried to drown out each other’s news with DDoS attacks. The websites of the Georgian and Ossetian authorities were also affected.
Iran vs iPOS
In 2013, during the presidential election in Iran, almost the only company that independently tracked voters’ opinions was the American iPOS, located in McLean, Virginia, near the CIA’s headquarters. The world’s leading media referred to its survey data from Iran. The company’s website was very popular among Iranians, and as the election approached, it was increasingly attacked by unknown hackers.
North Korea is offline
In 2014, as a result of an attack by pro-American hackers, North Korea lost its already meager access to the worldwide web. This DDoS was a response to the hacking of the website of Sony Pictures Entertainment, the distributor of a film that mocked the North Korean leader.
Of course, ordinary residents of North Korea did not feel the problem, since only representatives of the party elite, special services, certain departments, universities, scientific organizations, and employees of foreign embassies and firms have access to the internet.
On the eve of the USA’s presidential election, the websites of the two main candidates, Hillary Clinton and Donald Trump, were attacked simultaneously. A month earlier, the same botnet had already been used in an attack on the DNS provider Dyn.
On October 21, 2016, American Internet users began to complain about many popular sites: Twitter, Facebook, Reddit, Spotify, PayPal, Pinterest, GitHub, Airbnb, Amazon, and others. The problem also affected residents of Europe, including Russia; problems even reached several cities in India.
The reason for the massive failure was a DDoS attack on the DNS server provider Dyn. The garbage traffic that choked the Dyn servers came from Linux-based household devices infected with the Mirai virus. The botnet was joined by routers and smart kettles, microwaves, webcams, printers, refrigerators, and baby monitors: several million of the most unexpected household appliances connected to the Internet.