Blog: Biggest DDoS attack on record hits GitHubMarch 8th, 2018
GitHub the largest cloud based code repository was hit last week using a new way to amplify distributed denial-of-service DDoS attack. The DDoS attack generated a flood of internet traffic that peaked at 1.35 Terabits per second, making it the largest on record.
Fortunately, the software development site survived the disruption and was only down for few minutes, GitHub said on Thursday. Akamai, a DDoS protection provider, managed to fend off the assault.
The bad news? The GitHub attack may be an omen of things to come. The IT infrastructure that powered the assault is ripe for abuse.
The assault actually leveraged what’s known as a “memcache server,” which is usually hooked up to a data center.
As the name suggests, these servers are designed to cache data and speed up web applications and internet sites. However, that same technology can be used to amplify certain internet traffic by up to 51,000 times. This can be done when a memcache server spoofs the IP address of an actual website. The servers can then mistakenly send a flood of data to the victim website, overwhelming it with traffic and taking it offline. It doesn’t help that many of the memcached servers are running on the open internet, making them potential assets hackers can use in DDoS attack schemes.
Stay Connected. Sign up to receive our quarterly newsletter, important tax and financial insights, specialized reports and bulletins.
Our Clients Speak
"...We are continually impressed with their knowledge, professionalism, and interest in our business. Hiring a great accountant is an important part of growing a successful business and we've made a very good choice."Justin Archer Managing Director, Berlin Advertising and Public Relations