Github was hit by the biggest DDoS attack ever recorded (may be paywalled) on Wednesday. According to Akamai Prolexic the attack peaked at 1.3Tbps and this attack utilized memcached servers that return 50 times the data to the IP spoofed address of the victim. This kind of attack is called an amplification attack and while it’s been used before the scale of this one was off the charts. Fortunately for Github they had a mitigation plan they immediately put into action, however, not everyone has this in place and these attacks are bound to proliferate and cause significant loss of service to companies that aren’t prepared. Thanks Adam T.



Wednesday’s onslaught wasn’t the first time a major DDoS attack targeted GitHub. The platform faced a six-day barrage in March 2015, possibly perpetrated by Chinese state-sponsored hackers. The attack was impressive for 2015, but DDoS techniques and platforms—particularly Internet of Things–powered botnet – have evolved and grown increasingly powerful when they’re at their peak. To attackers, though, the beauty of memcached DDoS attacks is there’s no malware to distribute, and no botnet to maintain.

Discussion

Source: [H]ardOCP – Github Hit by Biggest DDOS Attack Ever Recorded