As more companies begin transitioning to online services such as cloud computing, hackers and cyber attackers are looking toward distributed detail of service (DDoS) attacks to cause disorder and chaos. While security systems may be in place, DDoS attacks are easy to organize and execute – and they are increasing in sophistication as the years past. Here are some of the most prominent companies who suffered from DDoS attacks in recent years.
GitHub is a popular online code management service trusted by software developers around the world. However, in February 2018, 1.3 terabits per second of traffic suddenly flooded its servers to shut the site down. To this day, the February 2018 attack on GitHub is the largest DDoS attack in recorded history. However, GitHub was prepared with a DDoS protection service – and the attack only lasted for 20 minutes. The DDoS service that GitHub used detected the attack and took immediate steps to minimize the impact it would have on the servers.
The prestigious British media outlet, the BBC, suffered from a large-scale DDoS attack in December 2015. The extent of the attack was so severe that it took BBC’s sites down for three hours. At the time, it was the biggest DDoS attack on record – the group responsible, New World Hacking, launched a 600 gigabit per second attack and took down the BBC’s sites completely. The attackers used cloud computing resources from a couple of Amazon AWS servers to orchestrate the attack – demonstrating how sophisticated these hackers are becoming.
Another major DDoS attack took place against various financial institutions in September, October, and December of 2012. The group, known as Izz ad-Din al-Qassam Cyber Fighters launched the attacks to force YouTube and other sites to remove a movie they considered offensive. The December attacks involved targeting six major banks over the course of three days. Customers experienced disruptive service and limited access to accounts, as well as a severe slowdown. The attacks reached as high as 63.3 gigabits per second.
In 2014, the Hong Kong-based grassroots movement known as Occupy Central was the target of a major DDoS attack. While the organization was working for a more democratic voting system in Hong Kong, attackers decided to harm them through a 500 gigabit per second data flood. This attack targeted three of Occupy Central’s web hosting services. In addition, two independent sites known as PopVote and Apple Daily were subsequently involved in the attack.
Sometimes, even security companies can fall victim to ruthless DDoS attacks. In 2014, the security provider and content delivery network CloudFlare was affected by a 400 gigabit per second DDoS attack. Although the attack was directed at one customer on their network – and it was technically mitigated – internet users in parts of Europe actually noticed slowdowns.
Spamhaus, a nonprofit that tracks online spam activity, was also hit with a DDoS attack in 2013. They were targeted by Cyberbunker – a group of spammers who were unhappy about being blacklisted. It is not uncommon for Spamhaus to see threats, but at 300 gigabits per second of traffic. This required hiring Cloudflare to mitigate the DDoS attack. It continued to affect Cloudflare’s large network, the internet exchanges in Europe. Also Asia, and consequently internet speeds in those areas. The organizers of this DDoS attack have since been arrested.
When Dyn, a major DNS provider, was hit by a large DDoS attack in October 2016 it affected many well-known companies who rely on their services. The internet saw major slowdowns worldwide – including many U.S. based companies such as Visa, PayPal, Amazon, Netflix, and the New York Times. What was unique about this attack was more than its scale. It originated from the Mirai botnet (an open source malware) which “enlisted” unprotected. Internet-connected devices such as security cameras and DVRs to start a DDoS attack. Whereas malware typically infects computers, this incident showed how easily a DDoS attack could be generated in a time when everything connects to the internet.
The popular virtual game Pokemon Go also suffered the impacts of a DDoS attack. In July 2016, players had difficulty connecting to the game when a cyber-collective known as PoodleCorp flooded the servers with gigabits of data. Several players took to social media to voice their dismay over the attack – but thankfully, the app recovered.
If your company is worried about DDoS attacks, solutions are available. Cybersecurity experts around the world are looking to match the hackers at their level and diminish the impact that these attacks can have on your company. While your company should be worried about the possibility of DDoS attacks. Hiring a reliable DDoS protection service can help protect your sites against them in the future.