GitHub faced the biggest DDoS attack
News | 03/10/2018

GitHub survived the biggest DDoS attack of about 1.35 Tbps


GitHub, the world’s biggest developer platform, faced the biggest distributed denial-of-service (DDoS) attack recorded to date. The attack began on Wednesday at about 12:15 P.M., when attackers bombarded GitHub’s code hosting platform with more traffic than its servers could handle. Under this load, GitHub’s website crashed for about 10 minutes.


A DDoS attack is the most common method attackers use to take down a website. This one had an intensity of about 1.35 terabits per second (Tbps), which managed to take the site down for a few minutes. To recover from the attack, GitHub turned to Akamai Prolexic, a service that mitigates such incidents by routing the traffic and blocking malicious requests. The assault dropped off as soon as Akamai came into the picture. It defended against the attack in a number of ways: in addition to its DDoS defense infrastructure, specific mitigations were implemented to stay secure against this kind of DDoS attack.

GitHub clarified that it was not equipped to handle this much traffic all at once. However, in a short period of time it has designed and deployed an infrastructure that has the potential to handle five times the traffic of this attack. An interesting fact about this DDoS attack was the non-involvement of botnets, which usually form a major component of DDoS attacks. This time, the strategy used by the attackers was amplification. They spoofed GitHub’s IP address and sent queries to a range of Memcached servers, which are used to speed up database-driven websites. DDoS attacks launched through Memcached servers do not require a botnet. The attackers simply send a small query to several Memcached servers, and each server answers it with a much larger response. As a result, the Memcached system returns 50 times the requested data to the victim.

There are over 100,000 Memcached servers, owned by businesses and other institutions, that currently remain exposed online with no authentication protection. This means an attacker can simply reach such a server and send it a special command packet that the server has to answer with a larger reply. This is why the infrastructure communities have started addressing the root cause of such attacks. They are asking the owners of exposed Memcached servers to take them off the internet and keep them safe within internal networks.
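For server owners, the request above comes down to a few memcached startup options. The following audit script is an added example, not part of the original article: it checks a memcached options file for the UDP listener (`-U`), the listen address (`-l`) and SASL authentication (`-S`). The sample configurations are constructed, and the script assumes UDP is on unless explicitly set to 0, as it was by default before memcached 1.5.6.

```python
import ipaddress

# Constructed samples, one option per line as in Debian's /etc/memcached.conf.
EXPOSED = "-m 64\n-p 11211\n-u memcache\n-l 0.0.0.0   # all interfaces\n"
HARDENED = "-m 64\n-p 11211\n-u memcache\n-l 127.0.0.1\n-U 0\n"

def parse_options(conf_text):
    """Map each option to its value: '-l 127.0.0.1' or '--udp-port=0'."""
    opts = {}
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if line.startswith("-"):
            key, _, value = line.replace("=", " ", 1).partition(" ")
            opts[key] = value.strip()
    return opts

def listens_publicly(listen):
    """True unless every listen address is loopback or a private range."""
    if not listen:                      # no -l: memcached binds every interface
        return True
    for addr in listen.split(","):
        try:
            ip = ipaddress.ip_address(addr.strip())
        except ValueError:              # hostname or host:port: review by hand
            return True
        if ip.is_unspecified or not (ip.is_loopback or ip.is_private):
            return True
    return False

def audit(conf_text):
    """Return a list of finding codes; an empty list means nothing flagged."""
    opts = parse_options(conf_text)
    findings = []
    # Assumption: UDP counts as enabled unless set to 0, since memcached
    # releases before 1.5.6 turned the UDP listener on by default.
    if opts.get("-U", opts.get("--udp-port")) != "0":
        findings.append("udp-enabled")
    if listens_publicly(opts.get("-l", opts.get("--listen"))):
        findings.append("public-listen")
        if "-S" not in opts and "--enable-sasl" not in opts:
            findings.append("no-sasl-auth")
    return findings

if __name__ == "__main__":
    for name, conf in (("exposed", EXPOSED), ("hardened", HARDENED)):
        print(name, audit(conf) or "ok")
```

A clean result only covers the daemon's own options; a host firewall rule for the memcached port is still needed where the listen address is a private network interface.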

Even after such an intense distributed denial-of-service attack, GitHub survived to narrate this story. It probably left the attackers disappointed because they couldn’t do much harm to the internet giant. Yet it won’t be wrong to say that network infrastructure providers will have to work harder to stay a step ahead of the hackers, who are always up to something new. So there is a high chance that the hackers will be back with something more vicious soon.
