GitHub, a web-based code distribution and version control service, apparently got hit by a massive denial of service attack on Wednesday and came out the other side pretty well.
According to a report from Wired, GitHub was hit with a massive 1.35 terabits per second (Tbps) of attack traffic all at once. Within 10 minutes, the company called for help from a DDoS mitigation service, Akamai’s Prolexic, which is similar to Google’s Project Shield. Prolexic took over to filter and weed out all malicious traffic packets. Wired says that the attack ended after eight minutes.
While getting hit with a DDoS attack isn’t uncommon, Wired says that this may have been the largest DDoS attack ever. By comparison, Wired notes that the attack on domain name server Dyn in late 2016 reached 1.2 Tbps of traffic.
So how was the attack conducted? It used a non-bot technique called an amplification attack. According to Wired, this technique relies on memcached database systems that can be queried by anyone. Attackers spoof the IP address of their target and send small requests to the memcached databases, which then send massive amounts of traffic to the target system, in this case GitHub. Wired says that the answer to shutting down these attacks is twofold: mitigation services like Prolexic add filters and automatically block malicious traffic, and owners of memcached databases can remove them from public access.
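For the second half of that answer, an added example (not from Wired or GitHub) that audits a memcached configuration for the exposure described above: a listener reachable beyond loopback with UDP still enabled, UDP being the transport that makes source spoofing possible. It assumes the Debian-style one-flag-per-line file using memcached's `-l` (listen address) and `-U` (UDP port, 0 disables) options, and conservatively assumes an older release where UDP is on by default; the function names and sample file are constructed.

```python
import ipaddress
import shlex

# Constructed sample in the Debian-style one-option-per-line layout.
SAMPLE_CONF = """\
# memcached.conf (constructed sample)
-m 64
-p 11211
-u memcache
-l 0.0.0.0
"""

def parse_options(conf_text):
    """Map each short flag to its value ('' for bare switches)."""
    opts = {}
    for line in conf_text.splitlines():
        tokens = shlex.split(line.split("#", 1)[0])
        i = 0
        while i < len(tokens):
            has_value = i + 1 < len(tokens) and not tokens[i + 1].startswith("-")
            opts[tokens[i]] = tokens[i + 1] if has_value else ""
            i += 2 if has_value else 1
    return opts

def is_public(listen):
    """True if any listen address cannot be shown to be loopback."""
    for addr in (a.strip() for a in listen.split(",")):
        try:
            if not ipaddress.ip_address(addr).is_loopback:
                return True
        except ValueError:
            if addr != "localhost":
                return True  # hostname or host:port form: treat as exposed
    return False

def audit(conf_text, udp_on_by_default=True):
    """Return findings; an empty list means no reflector exposure was found."""
    opts = parse_options(conf_text)
    listen = opts.get("-l")                      # no -l: binds every interface
    public = listen is None or is_public(listen)
    udp_port = int(opts.get("-U", "11211" if udp_on_by_default else "0"))
    findings = []
    if public:
        findings.append("listens beyond loopback")
    if udp_port != 0:
        findings.append(f"UDP enabled on port {udp_port}")
    if public and udp_port != 0:
        findings.append("reachable over UDP: usable as a spoofed-source reflector")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print("FINDING:", finding)
```

Pass `udp_on_by_default=False` when auditing memcached 1.5.6 or later, where UDP is off unless `-U` sets a port.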