Editing Denial-of-service attack (section)

==History==
[[Panix (ISP)|Panix]], the third-oldest [[Internet service provider|ISP]] in the world, was the target of what is thought to be the first DoS attack. On September 6, 1996, Panix was subject to a [[SYN flood]] attack, which brought down its services for several days while hardware vendors, notably [[Cisco]], figured out a proper defense.<ref>{{Cite web|url=https://www.cisco.com/c/en/us/about/press/internet-protocol-journal/back-issues/table-contents-30/dos-attacks.html|title=Distributed Denial of Service Attacks - The Internet Protocol Journal - Volume 7, Number 4|website=Cisco|language=en|access-date=2019-08-26|archive-url=https://web.archive.org/web/20190826143507/https://www.cisco.com/c/en/us/about/press/internet-protocol-journal/back-issues/table-contents-30/dos-attacks.html|archive-date=2019-08-26}}</ref> Another early demonstration of the DoS attack was made by Khan C. Smith in 1997 during a [[DEF CON]] event, disrupting Internet access to the [[Las Vegas Strip]] for over an hour. The release of sample code during the event led to the online attack of [[Sprint Corporation|Sprint]], [[EarthLink]], [[E-Trade]], and other major corporations in the year to follow.{{Citation needed|date=March 2025}} The largest DDoS attack to date happened in September 2017, when [[Google Cloud Platform|Google Cloud]] experienced an attack with a peak volume of {{val|2.54|u=Tb/s}}, revealed by Google on October 17, 2020.<ref>{{Cite web |last=Cimpanu |first=Catalin |title=Google says it mitigated a 2.54 Tbps DDoS attack in 2017, largest known to date |url=https://www.zdnet.com/article/google-says-it-mitigated-a-2-54-tbps-ddos-attack-in-2017-largest-known-to-date/ |access-date=2021-09-16 |website=ZDNet |language=en}}</ref> The record holder was thought to be an attack executed by an unnamed customer of the US-based service provider [[Arbor Networks]], reaching a peak of about {{val|1.7|u=Tb/s}}.<ref>{{cite web|url=https://arstechnica.com/information-technology/2018/03/us-service-provider-survives-the-biggest-recorded-ddos-in-history/|title=US service provider survives the biggest recorded DDoS in history|first=Dan|last=Goodin|date=5 March 2018|website=Ars Technica|access-date=6 March 2018}}</ref>

In February 2020, [[Amazon Web Services]] experienced an attack with a peak volume of {{val|2.3|u=Tb/s}}.<ref>{{Cite news|date=Jun 18, 2020|title=Amazon 'thwarts largest ever DDoS cyber-attack'|work=BBC News|url=https://www.bbc.com/news/technology-53093611|access-date=Nov 11, 2020}}</ref> In July 2021, CDN Provider [[Cloudflare]] boasted of protecting its client from a DDoS attack from a global [[Mirai botnet]] that was up to 17.2 million requests per second.<ref>{{Cite web |date=2021-08-23 |title=Cloudflare Mitigated Record-Setting 17.2 Million RPS DDoS Attack |url=https://www.securityweek.com/cloudflare-mitigated-record-setting-172-million-rps-ddos-attack/ |website=SecurityWeek}}</ref> Russian DDoS prevention provider [[Yandex]] said it blocked a HTTP pipelining DDoS attack on Sept. 5. 2021 that originated from unpatched Mikrotik networking gear.<ref>{{Cite web|title=Yandex Pummeled by Potent Meris DDoS Botnet|url=https://threatpost.com/yandex-meris-botnet/169368/|access-date=2021-12-23|website=threatpost.com|date=10 September 2021 |language=en}}</ref> In the first half of 2022, the [[Russian invasion of Ukraine]] significantly shaped the cyberthreat landscape, with an increase in cyberattacks attributed to both state-sponsored actors and global hacktivist activities. The most notable event was a DDoS attack in February, the largest Ukraine has encountered, disrupting government and financial sector services. This wave of cyber aggression extended to Western allies like the UK, the US, and Germany. Particularly, the UK's financial sector saw an increase in DDoS attacks from [[Nation state|nation-state]] actors and hacktivists, aimed at undermining Ukraine's allies.<ref name=":2">{{Cite web |last=Team |first=Azure Network Security |date=2023-02-21 |title=2022 in review: DDoS attack trends and insights |url=https://www.microsoft.com/en-us/security/blog/2023/02/21/2022-in-review-ddos-attack-trends-and-insights/ |access-date=2024-04-07 |website=Microsoft Security Blog |language=en-US}}</ref>

In February 2023, Cloudflare faced a 71 million/requests per second attack which Cloudflare claims was the largest HTTP DDoS attack at the time.<ref>{{Cite web|title=Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack|url=
https://blog.cloudflare.com/cloudflare-mitigates-record-breaking-71-million-request-per-second-ddos-attack/|access-date=2024-01-13|website=The Cloudflare Blog|date=13 February 2023|language=en}}</ref> HTTP DDoS attacks are measured by HTTP requests per second instead of packets per second or bits per second. On July 10, 2023, the fanfiction platform [[Archive of Our Own]] (AO3) faced DDoS attacks, disrupting services. [[Anonymous Sudan]], claiming the attack for religious and political reasons, was viewed skeptically by AO3 and experts. Flashpoint, a threat intelligence vendor, noted the group's past activities but doubted their stated motives. AO3, supported by the non-profit [[Organization for Transformative Works]] (OTW) and reliant on donations, is unlikely to meet the $30,000 [[Bitcoin]] ransom.<ref>{{Cite web |last=Weatherbed |first=Jess |date=2023-07-11 |title=AO3 fanfiction site forced offline by wave of DDoS attacks |url=https://www.theverge.com/2023/7/11/23790860/ao3-fanfiction-archive-down-outage-ddos-attacks |access-date=2024-04-09 |website=The Verge |language=en}}</ref><ref>{{cite web |date=10 July 2023 |title=Archive of Our Own is down due to a DDoS attack |url=https://www.polygon.com/23790167/ao3-down-ddos-attack-archive-of-our-own |website=Polygon}}</ref> In August 2023, the group of hacktivists [[Noname057(16)|NoName057]] targeted several Italian financial institutions, through the execution of [[slow DoS attack]]s.<ref>{{cite web|url=https://www.redhotcyber.com/post/settimo-giorno-di-attacchi-informatici-allitalia-noname05716-torna-alle-banche-e-alle-telecomunicazioni/ |title=Settimo giorno di attacchi informatici all'Italia. NoName057(16) torna alle Banche e alle Telecomunicazioni |date=6 August 2023 }}</ref> On 14 January 2024, they executed a DDoS attack on Swiss federal websites, prompted by [[President Zelensky]]'s attendance at the [[Davos World Economic Forum]]. Switzerland's National Cyber Security Centre quickly mitigated the attack, ensuring core federal services remained secure, despite temporary accessibility issues on some websites.<ref>{{Cite web |date=2024-01-17 |title=Switzerland hit by cyberattack after Ukraine president's visit |url=https://www.swissinfo.ch/eng/politics/switzerland-hit-by-cyberattack-after-ukraine-president-s-visit/49136116 |access-date=2024-04-08 |website=SWI swissinfo.ch |language=en-GB}}</ref> In October 2023, exploitation of a new vulnerability in the [[HTTP/2]] protocol resulted in the record for largest HTTP DDoS attack being broken twice, once with a 201 million requests per second attack observed by Cloudflare,<ref>{{Cite web|title=HTTP/2 Rapid Reset: deconstructing the record-breaking attack|url=https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack
|access-date=2024-01-13|website=The Cloudflare Blog|date=10 October 2023|language=en}}</ref> and again with a 398 million requests per second attack observed by [[Google]].<ref>{{Cite web|title=Google mitigated the largest DDoS attack to date, peaking above 398 million rps|url=https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps
|access-date=2024-01-13|website=Google Cloud Blog|date=10 October 2023|language=en}}</ref> In August 2024, Global Secure Layer observed and reported on a record-breaking packet DDoS at 3.15 billion packets per second, which targeted an undisclosed number of unofficial [[Minecraft server|Minecraft game servers]].<ref>{{Cite web |title=Unprecedented 3.15 Billion Packet Rate DDoS Attack Mitigated by Global Secure Layer |url=https://globalsecurelayer.com/blog/unprecedented-3-15-billion-packet-rate-ddos-attack |access-date=2024-08-28 |website=globalsecurelayer.com |language=en-AU}}</ref> In October 2024, the [[Internet Archive]] faced two severe DDoS attacks that brought the site completely offline, immediately following a previous attack that leaked records of over 31 million of the site's users.<ref>{{Cite web |title=Internet Archive hacked, data breach impacts 31 million users |url=https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/ |access-date=2024-10-10 |website=www.bleepingcomputer.com |language=en-AU}}</ref><ref>{{Cite web |last=Davis |first=Wes |date=2024-10-09 |title=The Internet Archive is under attack, with a breach revealing info for 31 million accounts |url=https://www.theverge.com/2024/10/9/24266419/internet-archive-ddos-attack-pop-up-message |access-date=2024-10-10 |website=The Verge |language=en}}</ref> The hacktivist group [[Anonymous Sudan#Possible link with SN_BLACKMETA|SN_Blackmeta]] claimed the DDoS attack as retribution for American involvement in the [[Gaza war]], despite the Internet Archive being unaffiliated with the United States government; however, their link with the preceding data leak remains unclear.<ref>{{Cite web |last=Boran |first=Marie |date=2024-10-10 |title=Hackers claim 'catastrophic' Internet Archive attack |url=https://www.newsweek.com/catastrophic-internet-archive-hack-hits-31-million-people-1966866 |access-date=2024-10-10 |website=Newsweek |language=en}}</ref>