Web-based code hosting service GitHub recently suffered the largest Distributed Denial of Service (DDoS) attack ever recorded. According to an official post on the matter, the attack, which flooded the website with traffic that peaked at 1.35 Terabits per second, crippled the website for a few minutes on February 28th.
Akamai, a DDoS protection provider, was able to fend off the attack, but warned that the attack was just the beginning. “It is highly likely that this record attack will not be the biggest for long,” Akamai said in a blog post. The recent attack on GitHub was more than twice the size of the September,2016 attack which made use of the Mirai Botnet. While the previous attack made use of tens of thousands of vulnerable IoT devices, the recent attack used a “memcache” server.
A memcache server is designed to cache data and speed up web applications and websites, PCMag explains that this technology can be exploited to conduct DDoS attacks as it can amplify a packet of data traffic by up to 51,000 times. Cloudflare, another DDoS protection provider explained:
“Launching such an attack is easy…First the attacker implants a large payload on an exposed memcached server. Then, the attacker spoofs the ‘get’ request message with target source IP.”
The flood of internet traffic generated by such an attack can overwhelm any website’s servers and disable them for a considerable period of time. Akamai reports that over 50,000 such vulnerable can be found across the globe, which can be used to conduct such large scale DDoS attacks. There have been other such attacks in the past week, but the GitHub attack is the largest so far. In order to prevent any future attacks of this nature, DDoS protection providers like Akamai and Cloudflare have urged memcached server owners to firewall their servers or disable part of their functionalities.