The attack lasted more than six months, and reached a peak of 2.5Tbps in traffic.
"While it’s less common to see DDoS attacks rather than phishing or hacking campaigns coming from government-backed threat groups, we’ve seen bigger players increase their capabilities in launching large-scale attacks in recent years” Google’s Shane Huntley wrote in the blog.
The attack targeted thousands of Google’s IPs, the company says, but had no effect.
Google would not disclose what properties were targeted by the hackers.
“The attacker used several networks to spoof 167 Mpps (millions of packets per second) to 180,000 exposed CLDAP, DNS, and SMTP servers, which would then send large responses to us”, wrote Damian Menscher, a Security Reliability Engineer at Google.
The largest attack prior to that was one launched against Amazon, which reached a peak of 2.3 Tbps attack in mid-February this year.
Despite being the origin of the largest attack, China is only responsible for 12 per cent of state-sponsored attacks.
Russian activity made up 52 per cent of all attacks between July 2019 and June 2020, Microsoft says.
It is followed by Iran, which makes up 25 per cent of the attacks monitored.
Unlike the attack on Google, however, these assaults aim to influence government policy through subtler means, rather than targeting infrastructure directly.
This includes spear-phishing via Microsoft Word documents, and used unique credentials by imitating an American fast-food chain’s email about the coronavirus.
Google had previously found evidence of a state-sponsored campaign targeting US government officials with offers of fast food.
It was one of 18 million attempted scam messages per day related to Covid-19, as the coronavirus has been used as a cover for scam attempts.