PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

Google Says Biggest DDoS Attack on Record Hit the Company in 2017

The 2.5Tbps attack was likely the work of state-sponsored hackers using internet service providers in China, according to Google.

Michael Kan
 & Michael Kan Principal Reporter

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

(Credit: Pixabay)


Google is reporting that a state-sponsored hacking group launched the biggest DDoS attack on record against the company back in Sept. 2017. 

On Friday, Google’s cloud business disclosed the incident, which involved bombarding the company’s internet networks with a flood of traffic. The DDoS attack lasted over a six-month campaign, peaking to 2.5Tbps in traffic. 

The figure surpasses the 2.3Tbps assault Amazon’s cloud business AWS experienced this past February, which was previously thought to be the biggest DDoS attack on record. 

According to Google’s security team, the 2.5Tbps DDoS against the company was sourced back to a government-backed group that harnessed four internet service providers in China to send the flood of traffic. 

Recommended by Our Editors

Amazon Mitigates Biggest Ever DDoS Attack
Amazon Mitigates Biggest Ever DDoS Attack
Chinese DDoS Attack Hits Telegram During Hong Kong Protests
Chinese DDoS Attack Hits Telegram During Hong Kong Protests
Europol Crackdown Targets DDoS Attack Buyers
Europol Crackdown Targets DDoS Attack Buyers

A DDoS is designed to overwhelm a network, resulting in an outage that can slow or shut down access to a company’s websites. But despite the 2.5Tbps assault simultaneously targeting thousands of Google servers back in 2017, the “attack had no impact,” wrote company security engineer Damian Menscher in today’s blog post. 

“The attacker used several networks to spoof 167 Mpps (millions of packets per second) to 180,000 exposed CLDAP, DNS, and SMTP servers, which would then send large responses to us,” he added. “This demonstrates the volumes a well-resourced attacker can achieve: This was four times larger than the record-breaking 623 Gbps attack from the Mirai botnet a year earlier.” 

The company disclosed the incident while talking up its efforts to ensure Google’s cloud business remains protected from major DDoS attacks. Google has been analyzing the most significant DDoS attacks, and concludes the traffic volumes have been growing exponentially. But at the same time, the internet itself has been growing exponentially as well, giving companies more bandwidth to protect themselves from the attacks. 

Google showing the exponential rise of DDoS attack volume.
(Credit: Google)

“While we can estimate the expected size of future attacks, we need to be prepared for the unexpected, and thus we over-provision our defenses accordingly,” Menscher wrote in the blog post. “Additionally, we design our systems to degrade gracefully in the event of overload, and write playbooks to guide a manual response if needed.”

Menscher added the company “reported thousands of vulnerable servers to their network providers” to prevent the hackers behind the 2.5Tbps DDoS from striking again.

About Our Expert

Michael Kan

Michael Kan

Principal Reporter

My Experience

I've been a journalist for over 15 years. I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017, where I cover satellite internet services, cybersecurity, PC hardware, and more. I'm currently based in San Francisco, but previously spent over five years in China, covering the country's technology sector.

Since 2020, I've covered the launch and explosive growth of SpaceX's Starlink satellite internet service, writing 600+ stories on availability and feature launches, but also the regulatory battles over the expansion of satellite constellations, fights with rival providers like AST SpaceMobile and Amazon, and the effort to expand into satellite-based mobile service. I've combed through FCC filings for the latest news and driven to remote corners of California to test Starlink's cellular service.

I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. In 2024 and 2025, the FTC forced Avast to pay consumers $16.5 million for secretly harvesting and selling their personal information to third-party clients, as revealed in my joint investigation with Motherboard.

I also cover the PC graphics card market. Pandemic-era shortages led me to camp out in front of a Best Buy to get an RTX 3000. I'm now following how the AI-driven memory shortage is impacting the entire consumer electronics market. I'm always eager to learn more, so please jump in the comments with feedback and send me tips.

The Best Tech I've Had:

  • My first video game console: a Nintendo Famicom
  • I loved my Sega Saturn despite PlayStation's popularity.
  • The iPod Video I received as a gift in college
  • Xbox 360 FTW
  • The Galaxy Nexus was the first smartphone I was proud to own.
  • The PC desktop I built in 2013, which still works to this day.

Read the latest from Michael Kan

Read full bio