The world’s leading software development platform GitHub, was hit by a record 1.35 terabits per second DDoS(denial of service attack)—the most powerful recorded so far. Yet, the website only endured a few minutes of intermittent downtime.
After detecting the attack, it requested helped from Akamai Prolexic, a service that mitigates such incidents by routing traffic through its larger network and also blocking malicious requests.
What is a DDoS attack?
DDoS(distributed denial of service in full), is a type of a cyber attack which bombards websites and web-based services with huge amounts of traffic to bring them down. Services are forced to get offline since their servers are unable to handle the sudden influx.
GitHub is a common target — the Chinese government was widely suspected to be behind a five-day-long attack in 2015 — and this newest assault tipped the scales at an incredible 1.35Tbps at peak.
In a blog post retelling the incident, GitHub said the attackers hijacked something called “memcaching” — a distributed memory system known for high-performance and demand — to massively amplify the traffic volumes that were being fired at GitHub. To do that, they initially spoofed GitHub’s IP address and took control of memcached instances that GitHub said are “inadvertently accessible on the public internet.”
The result was a huge influx of traffic. Wired reports that, in this instance, the memcached systems used amplified the data volumes by around 50 times.
GitHub called in assistance from Akamai Prolexic, which rerouted traffic to GitHub through its “scrubbing” centers, which removed and blocked data deemed to be malicious. Following eight minutes of the assault, the attackers called it off and the DDoS stopped.
“Between 17:21 and 17:30 UTC on February 28th we identified and mitigated a significant volumetric DDoS attack,” GitHub wrote in an autopsy of the event Thursday. “The attack originated from over a thousand different autonomous systems (ASNs) across tens of thousands of unique endpoints.”
The service has become critical for any company handling code — very many, indeed — so while an outage is never welcomed, the response in this case is impressive and certainly bodes well. GitHub said it continues this attack, and others, to ensure it is suitably defended.
You can read full details in this GitHub blog post.