GitHub Suffers from Largest DDoS Attack Ever Recorded

The biggest DDOS attack in history hit the developer platform GitHub recently. The attackers used 1.35 terabits per second of traffic to take the site down. This attack was temporarily thwarted by DDoS mitigation service, Akamai Prolexic. After the initial mitigation, there was another influx of site traffic roughly 24 hours later.

This attack was executed by using memcached servers. These servers are typically used to cache data and objects. They are meant to speed up dynamic database websites. It essentially reversed the effects of memcached. Luckily Akamai was able to stop the attacks from having a lasting effect.

Network monitoring provider, ThousandEyes, was alerted to the attack. They were informed of the dip in availability to GitHub services due to their continuous network monitoring platform.

ThousandEyes gave detailed insight on the attack. Of the attack, they state, “DDoS attacks are becoming more frequent and ever more powerful. While the GitHub attack had minimum service interruption and showcased a well-executed mitigation process, not all DDoS attacks are created equally.”

With increased network and cloud reliance, attacks like this are only the beginning. Akamai claims that this won’t be the largest DDoS attack for long. There will be copycats utilizing this method or create more damaging ones. It’s so simple to execute a DDoS attack that even kids can do it. This isn’t necessarily the work of an elaborate hacker; DDoS attacks are typically used to be a nuisance, rather than for financial gain.

The ease of these attacks places emphasis on the importance of network monitoring tools. ThousandEyes was there for GitHub to recognize where and when the attack was happening. Thanks to proper monitoring, they activated their DDoS mitigation service at the optimal time. Don’t get caught in a massive DDoS attack and lose network availability for extended periods of time, invest in a network performance monitoring solution!

Leave a Reply

Your email address will not be published.