top of page

Largest Ever Worldwide DDOS Attack Via HTTP/2 Vulnerability Thwarted

Published: December 03, 2023 on our newsletter Security Fraud News & Alerts Newsletter.

Companies around the globe claim to have fought off the largest Distributed Denial of Service Attack (DDOS) thus far. However, some of the bigger and most high profile of them also warn that users should be prepared for service disruptions in the future unless cybersecurity measures greatly improve.

Three notable companies hit, Google, Cloudflare, Amazon Web Services all said the attackers were able to exploit a vulnerability in HTTP/2. This is a newer version of HTTP.

The attack that began in August, according to Google, was 7.5 times larger than any other with its site getting hit at an astounding rate of 398 million requests per second. Cloudflare said it experienced more than 201 million requests per second, noting that is three times larger than any it had seen before on its servers.

Companies are urged to update their web servers to mitigate this risk. This should include applying patches for the vulnerability noted as CVE-2023-44487.

DDOS attacks try to interrupt services to a website or make it completely unusable. While these don’t result in installed malware or domain hijacking, they can affect services, and the reputation to the victim company can take a bit of a hit. The financial effects of such an attack are nearly impossible to measure. So better to stay on top of patches and updates for all systems.

Want to schedule a conversation? Please email us at

bottom of page