The Worldâ€™s biggest developer platform Github faced the biggest Distributed Denial of service attack recorded to date. TheÂ DDoS attack was initiated on Wednesday, at about 12:15 P.M. when GitHubâ€™s code hosting platform was hit by the attackers who bombarded the site with relatively higher traffic than what its server can handle. Due to this high load of the server, the Githubâ€™s website crashed for about 10 minutes.
DDoS attack is the most common method used by attackers to take down a website. This DDoS attack had an intensity of about 1.35 terabits per second (Tbps.) which managed to take the site down for a few minutes. To recover from this catastrophic attack, GitHub took the help of Akamai Prolexic. Akamai Prolexic is a service that mitigates such incidents by routing the traffic and blocking malicious requests. This assault dropped off as soon as Akamai come into the picture. It defended against the attack in a number of ways. In addition to its DDoS defense infrastructure, specific mitigations were also implemented to remain secure from this kind of DDoS attacks.
GitHub clarified that they were not equipped to handle this much of traffic all at once. However, now in a short period of time, they have designed and deployed an infrastructure that has the potential to handle five times the traffic of this attack. An interesting fact about this DDoS attack was the non-involvement of botnets, which usually form a major component of DDoS attacks. This time, the malicious strategy used by hackers was amplification. They hoaxed Githubâ€™s IP address and forwarded queries to a range of Memcached servers which speed up the websites driven by databases. Such DDoS attacks initiated my Memcached servers do not require a botnet. The hackers simply forward a small query to the several Memcached servers which are designed to transform into a much larger response. As a result, the Memcached system returns 50 times of the requested data to the victim.
There are over 1,00,000 Memcached servers which are owned by businesses and other institutions which currently remain exposed online with no authentication protection. This simply means that an attacker can simply access it and forward a special command packet that the server has to respond to with a larger reply. This is the reason why the infrastructure communities have started addressing the root cause of such attacks. They are asking the owners of such exposed Memcached servers to take them off the internet and keep them safe within the internal networks.
Even after such an intense Distributed Denial of Service attack, GitHub survived to narrate this story. It probably left the attackers disappointed because they couldnâ€™t do much harm to the internet Giant. Yet, it wonâ€™t be wrong to say that network infrastructure providers will have work harder to be a step ahead of the hackers who are always up with something new. So, there is a high degree of chances that the hackers will be back with something more vicious soon.
Subscribe to our newsletter today to receive updates on the Latest News and Threats.
The researchers at Virus Removal Guidelines are dedicated to track down the latest vulnerabilities which may infringe your system security. Our team of expert performs a detailed research about every malware infection before educating our users about the same.
Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.