China Turns Out to Have Launched DDoS Attacks Against Google

JAKARTA - In 2017, the Google Threat Analysis Group discovered a DDoS attack. The attack was sponsored by a country and had a specific purpose.

According to a Google report, the attack was carried out by China's Advanced Persistent Threat (APT) group, often referred to as APT31, and lasted for more than six months. It also reached traffic of 2.5 Tbps.

According to Google Threat Analysis Group Director Shane Huntley, the Security Reliability Engineering team measured record UDP amplification attacks originating from four Chinese Internet Service Providers (ISPs). Huntley also explained the use of state-sponsored DDoS attacks.

"Although it is less common to see DDoS attacks than phishing or hacking campaigns originating from government-backed threat groups, we have seen larger players increase their ability to launch large-scale attacks in recent years," Huntley said, as quoted by TechRadar on Wednesday, October 21.

For context, DDoS attacks are quite different from attacks in general. These attacks aim to disrupt computers or servers on an organization's internet network by flooding them with useless traffic.

If such an attack is not stopped immediately, it can result in a loss of user trust, which can damage the business reputation as well as the profits of the internet provider. According to Huntley, to protect against DDoS attacks, organizations must consider every possible target, from the network layer, including routers, switches, and link capacity, to the application layer, which includes web servers, DNS, and email.

However, some attacks do not focus on a single target and instead attack every IP on the network. Because Google discovered this vulnerability, the attack had no effect.

This is because Google immediately reported thousands of vulnerable servers to their network providers and worked with them to trace the source of the attack so that it could be filtered quickly.

Lastly, Google recommends that individual users always ensure their devices are protected with dual security, while the business sector is expected to always report suspected cybercriminals and ask network providers to carry out regular checks.