GitHub hit with largest DDoS attack
03 Mar 2018
In a growing sign of the increased sophistication of both cyber-attacks and defences, GitHub revealed this week that it had weathered the largest-known DDoS attack in history.
GitHub is a web-based hosting service for version control using Git, and is mostly used for computer code.
DDoS - or 'distributed denial of service' - is a cyber attack that aims to bring down websites and web-based services with so much traffic that their services and infrastructure are not able to cope with it. According to commentators, it is a fairly common tactic deployed to force targets offline.
GitHub is a common target: the Chinese government is said to have targeted it in a five-day-long attack in 2015. The newest attack was unprecedented in intensity, at an incredible 1.35Tbps at peak.
In a blog post about the incident, GitHub said the attackers hijacked something called "memcaching" - a distributed memory system known for high performance and demand - to massively amplify the traffic volumes that were being fired at GitHub.
To accomplish this, they initially spoofed GitHub's IP address and took control of memcached instances that GitHub said are "inadvertently accessible on the public internet."
The result was a huge influx of traffic and, according to Wired, the memcached systems used amplified the data volumes by around 50 times.
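From the receiving side, traffic reflected off memcached servers arrives as UDP datagrams whose source port is memcached's default, 11211, sent by many unrelated hosts. The sketch below is an example added here, not code from GitHub, Akamai or Wired; it flags that pattern in flow records. The record layout, thresholds and function name are assumptions, and the sample flows are constructed using documentation address ranges.

```python
from collections import defaultdict

MEMCACHED_PORT = 11211  # memcached's default port

# Constructed flow records:
# (src_ip, src_port, dst_ip, dst_port, proto, packets, bytes)
SAMPLE_FLOWS = [
    ("198.51.100.10", 11211, "192.0.2.50", 40211, "udp", 900, 1_260_000),
    ("198.51.100.11", 11211, "192.0.2.50", 51733, "udp", 850, 1_190_000),
    ("203.0.113.7", 11211, "192.0.2.50", 33010, "udp", 910, 1_274_000),
    ("203.0.113.9", 443, "192.0.2.50", 52100, "tcp", 40, 52_000),    # ordinary HTTPS
    ("198.51.100.10", 11211, "192.0.2.60", 40000, "udp", 2, 2_800),  # one stray reply
    ("192.0.2.60", 53000, "192.0.2.70", 11211, "tcp", 12, 1_900),    # client to cache
]


def find_reflection_targets(flows, min_reflectors=3, min_bytes=1_000_000):
    """Return {dst_ip: stats} for hosts receiving UDP from source port 11211
    sent by many distinct hosts, the shape of reflected memcached replies."""
    stats = defaultdict(lambda: {"reflectors": set(), "packets": 0, "bytes": 0})
    for src_ip, src_port, dst_ip, _dst_port, proto, packets, nbytes in flows:
        # Only unsolicited-looking replies matter: UDP *from* the memcached port.
        if proto != "udp" or src_port != MEMCACHED_PORT:
            continue
        entry = stats[dst_ip]
        entry["reflectors"].add(src_ip)
        entry["packets"] += packets
        entry["bytes"] += nbytes

    alerts = {}
    for dst_ip, entry in stats.items():
        # Require both breadth (many senders) and volume to avoid flagging
        # a single misdirected reply.
        if len(entry["reflectors"]) >= min_reflectors and entry["bytes"] >= min_bytes:
            alerts[dst_ip] = {
                "reflectors": sorted(entry["reflectors"]),
                "packets": entry["packets"],
                "bytes": entry["bytes"],
                "avg_packet_bytes": entry["bytes"] // entry["packets"],
            }
    return alerts


if __name__ == "__main__":
    for target, info in find_reflection_targets(SAMPLE_FLOWS).items():
        print(target, info)
```

The same source-port signature is what upstream filtering can match on, since a site that does not query external memcached servers over UDP has no legitimate reason to receive such replies.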
GitHub tried to grapple with the outages for a couple of minutes, and then turned to Prolexic, a DDoS mitigation service provided by Akamai Technologies.
The service re-routed all the traffic to go through its scrubbing centres, which filtered the incoming data in order to block any malicious software packages being driven toward its servers. There were about 126.9 million packets per second directed at GitHub's systems at the peak of the attack, according to GitHub.
Akamai said in a blog post on Thursday that the assault was the "largest attack seen to date ... more than twice the size of the September, 2016 attacks that announced the Mirai botnet and possibly the largest DDoS attack publicly disclosed."