Skip to main content

GitHub hit by largest DDoS attack in history

(Image credit: Image Credit: Profit_Image / Shutterstock)

GitHub (opens in new tab) has managed to defend its site from the largest distributed denial of service (DDoS) attack ever recorded thanks to help from Akamai Prolexic's DDoS mitigation platform. 

The developer platform was hit with an overwhelming 1.35TB/s of traffic using an increasingly popular DDoS method that, unlike 2016's attack on DNS service provider Dyn (opens in new tab), does not require the use of a botnet. 

At first GitHub's systems experienced intermittent outages but within 10 minutes, its security system had assessed the situation and automatically called Akamai Prolexic for help.  The firm's DDoS mitigation services were then used to reroute all of the traffic coming into GitHub.  Akamai sent the site's traffic through its scrubbing centres to identify and then block malicious packets. 

The hackers behind the attack were deterred thanks to the quick response from both companies and it ended after eight minutes. 

The DDoS attack (opens in new tab) on GitHub stands out from some other notable attacks due to the fact that the hackers chose to forego using a botnet and instead opted to utilise large number of memcached servers on the Internet.    

These servers are utilised by companies to improve the performance of databases since they store data closer to the actual database.  However, since they are located on the public Internet, hackers have learned to spoof their IP addresses to send small queries to multiple memcached servers.  The servers then return 50 times more data back to the victim which makes them so effective in DDoS attacks. 

GitHub's decision to sign up for Akamai Prolexic's (opens in new tab) DDoS mitigation services played a key role in ensuring that this attack did not have the same impact as the one that affected Dyn and in turn the entire Internet back in 2016. 

Image Credit: Profit_Image / Shutterstock

After getting his start at ITProPortal and then working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches to how to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.