GitHub, a web-based hosting service and a platform that many developers use to store code, encountered the largest known DDoS attack in the history of cyber attacks. The website suffered a brief outage after being attacked by hackers who flooded its servers with fake traffic.
"On Wednesday, February 28, 2018, GitHub.com was unavailable from 17:21 to 17:26 UTC and intermittently unavailable from 17:26 to 17:30 UTC due to a distributed denial-of-service (DDoS) attack," the company reported in a blog post about the incident.
The attack originated from over a thousand different autonomous systems (ASNs) across tens of thousands of unique endpoints. "It was an amplification attack using the memcached-based approach that peaked at 1.35Tbps via 126.9 million packets per second," the company writes.
"Memcrashing" involves exploiting memcached servers, which companies use to speed up their web applications. As most of these machines have unsecured internet connections, hackers can easily use them to amplify fake traffic. GitHub has said that a memcached server can turn a single incoming byte into as much as 51 kilobytes aimed at a victim's servers.
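To show what this traffic looks like from the receiving side, here is an added example (not GitHub's or Akamai's code) that flags likely memcached reflection in flow records. The record layout, thresholds and IP addresses are constructed for illustration; 11211 is memcached's default port.

```python
from collections import defaultdict

MEMCACHED_PORT = 11211  # memcached's default port

# Constructed sample flow records (documentation IP ranges), not real traffic:
# (src_ip, src_port, dst_ip, dst_port, proto, packets, bytes)
SAMPLE_FLOWS = [
    ("198.51.100.10", 11211, "192.0.2.50", 44321, "udp", 9000, 12_060_000),
    ("198.51.100.77", 11211, "192.0.2.50", 51002, "udp", 7500, 10_050_000),
    ("203.0.113.5",   11211, "192.0.2.50", 39877, "udp", 8200, 10_988_000),
    ("203.0.113.9",   53,    "192.0.2.50", 40000, "udp", 4,    600),        # ordinary DNS reply
    ("198.51.100.10", 11211, "192.0.2.60", 40111, "udp", 3,    300),        # small, single source
    ("203.0.113.20",  443,   "192.0.2.50", 52000, "tcp", 1200, 1_500_000),  # normal HTTPS
]


def avg_packet_size(bits_per_second, packets_per_second):
    """Mean packet size in bytes implied by a bit rate and a packet rate."""
    return bits_per_second / 8 / packets_per_second


def find_reflection_victims(flows, min_sources=3, min_avg_pkt=1000):
    """Return {dst_ip: stats} for destinations receiving large UDP packets
    sourced from port 11211 by at least `min_sources` distinct hosts.
    Both thresholds are assumed values; tune them to your own baseline."""
    agg = defaultdict(lambda: {"sources": set(), "packets": 0, "bytes": 0})
    for src, sport, dst, _dport, proto, pkts, nbytes in flows:
        if proto == "udp" and sport == MEMCACHED_PORT:
            a = agg[dst]
            a["sources"].add(src)
            a["packets"] += pkts
            a["bytes"] += nbytes
    victims = {}
    for dst, a in agg.items():
        avg = a["bytes"] / a["packets"]
        # Many reflectors plus near-MTU packets is the amplification signature.
        if len(a["sources"]) >= min_sources and avg >= min_avg_pkt:
            victims[dst] = {"sources": len(a["sources"]),
                            "bytes": a["bytes"],
                            "avg_pkt": round(avg)}
    return victims


if __name__ == "__main__":
    # Peak figures quoted by GitHub: 1.35 Tbps at 126.9 million packets/s.
    print(round(avg_packet_size(1.35e12, 126.9e6)), "bytes per packet at peak")
    print(find_reflection_victims(SAMPLE_FLOWS))
```

The peak figures GitHub reported work out to roughly 1,330 bytes per packet, which is why the sketch treats large UDP packets from many port-11211 sources as the signal.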
As a result, GitHub was reportedly down for five to ten minutes, and the service provider suffered random outages for some time. According to reports, this was the largest such attack, surpassing the previous assault launched in 2016 against a company called Dyn, which hit 1.2 terabytes per second.
But GitHub was successful in tackling the problem. With the help of Akamai, the company routed the traffic flood to Prolexic (an automated anti-DDoS system run by Akamai), which filtered out the malicious traffic. GitHub was quick to restore its systems to normal service.
"We understand how much you rely on GitHub and we know the availability of our service is of critical importance to our users. To note, at no point was the confidentiality or integrity of your data at risk. We are sorry for the impact of this incident and would like to describe the event, the efforts we've taken to drive availability, and how we aim to improve response and mitigation moving forward," the company has said.
The company has also stated that it is going to continue to expand its edge network and strive to identify and mitigate new attack vectors before they affect the user's workflow on GitHub.com. "We will continue to analyze this and other events that impact our availability, build better detection systems and streamline response," the company has assured.