GitHub Hit by Largest DDoS Attack to Date

Mar. 2, 2018

Web-based code hosting service GitHub recently suffered the largestDistributed Denial of Service(DDoS) attack ever recorded. According to an officialposton the matter, the attack, which flooded the website with traffic that peaked at 1.35 Terabits per second, crippled the website for a few minutes on February 28th.

A memcache server is designed to cache data and speed up web applications and websites,PCMagexplainsthat this technology can be exploited to conduct DDoS attacks as it can amplify a packet of data traffic by up to 51,000 times. Cloudflare, another DDoS protection providerexplained:

“Launching such an attack is easy…First the attacker implants a large payload on an exposed memcached server. Then, the attacker spoofs the ‘get’ request message with target source IP.”

The flood of internet traffic generated by such an attack can overwhelm any website’s servers and disable them for a considerable period of time. Akamai reports that over 50,000 such vulnerable can be found across the globe, which can be used to conduct such large scale DDoS attacks. There have been other such attacks in the past week, but the GitHub attack is the largest so far. In order to prevent any future attacks of this nature, DDoS protection providers like Akamai and Cloudflare have urged memcached server owners to firewall their servers or disable part of their functionalities.