Bots, Bots Everywhere: 5 Largest DDoS Attacks in the History of the Internet

We know how a DDoS attacks can overwhelm a system’s resources and take it down to the ground.  

But sometimes DDoS attacks can scale beyond our wildest imaginations. We’re talking about attacks that clock bandwidths in tera and giga bite ranges and notoriously leave their marks in history books.


Spamhaus is a non-profit anti-spam organization based in London and Geneva.

In 2013, Spamhaus website, email servers and DNS IPs were taken down by a DDoS attack that measured in at 300 gigabits per second.

Investigations traced the attack to a member of Dutch company named Cyberbunker.


CloudFlare is a content delivery network (CDN) and security service provider headquartered in San Francisco.

In 2014, CloudFlare’s network was slammed by a DDoS attack that peaked at more than 400 gigabits per second.

The attack was originally directed at a CloudFlare customer, but it was so powerful that it brought down the company’s entire network to its knees.   

The perpetrators leveraged the NTP servers to launch the attack.

Occupy Central Movement

Occupy Central was a Hong Kong civil disobedience campaign initiated by Benny Tai, Reverend Chu Yiu-ming and Dr. Chan Kin-man in 2013, advocating for a democratic electoral system.

Unimpressed by the movement, attackers sent large amount of traffic to Occupy Central’s webhosting services, causing the servers to crash.

The DDoS attack recruited five botnets and measured in at 500 gigabits per second.

2) Dyn

Dyn, Inc. is an internet performance management and web application security company based in the U.S.

In 2016, Dyn was targeted by a series of DDoS attacks which spiked up to 1.2 terabits per second.  The attacks used mirai-infected IoT-enabled devices to bombard the company’s servers.

The SpainSquad, New World Hackers and Anonymous claimed the responsibility for the attacks.


GitHub is a code hosting platform for collaboration and version control.

On February 28, 2018, GitHub was taken down by a DDoS attack that clocked in at a whopping 1.35 terabits per second.  

Interestingly, the attack did not use any botnet network, and instead relied on misconfigured Memcached servers for amplification.   

The attack remains the largest DDoS attack ever recorded in the history of the internet. 

Is your business protected against potential DDoS attacks? Don’t be vulnerable; call our cybersecurity experts today and make sure you’re covered from any and all threats.