Github is the latest website to be hit with a DDOS attack. Security researchers are pouring over the data and how the attack was thwarted.
Yesterday, we reported on how Slashdot went down thanks partly to a DDOS (Distributed Denial of Service) attack. While that is an interesting development, it apparently isn’t the only site being hit with such an attack.
Software development platform GitHub is also a victim of a DDOS attack. Last Wednesday, the attack began on the site. The attack was thwarted within minutes thanks to security measures that were implemented. While this doesn’t seem like much of a news story, there is plenty of noteworthy aspects of the attack.
Naked Security points out that this attack is also the largest DDOS attack ever recorded. At its peak, the attack measured at a massive 1350 gigabits per second.
According to GitHub Engineering, last week’s disruption lasted nine minutes.
At 17:21 UTC our network monitoring system detected an anomaly in the ratio of ingress to egress traffic and notified the on-call engineer and others in our chat system. … Given the increase in inbound transit bandwidth to over 100Gbps in one of our facilities, the decision was made to move traffic to Akamai.
Naked Security comments:
the interesting theme of the attack has turned out not to be its size at all, but what fuelled its extraordinary size.
The attack exploited amplification, a technique we’ve seen before in previous mega DDoS incidents, this time hitting a target called Memcached.
Memcached is a popular technology designed to speed access to sites running big web application databases by caching data in RAM for rapid access.
By default, it allows unauthenticated external connections on UDP port 11211, which means the attackers were able to generate large amounts of traffic simply by sending servers left in this weak state a simple “stats” command from a spoofed IP address.
In the mean time, some are trying to figure out who is behind the attacks in the first place. As of now, there are no known details on this front. Of course, there is nothing known as to any possible motive behind the attack as well.
While this attack was thwarted, it shows that DDOS attacks are still prevalent to this day. While improvements to thwart such attacks have been made over the last several years, this latest attack shows that DDOS attacks aren’t going to be going out of style any time soon.
Drew Wilson on Twitter: @icecube85 and Google+.