The developers’ platform GitHub announced that it has survived the strongest DDOS attack to date over the weekend. In the distributed denial of service attack, hackers bombarded the site’s servers with 1.35Tbps, but the platform quickly bounced back.
DDoS attacks’ goal is to take websites or services offline by launching so much data toward their servers that the infrastructure can no longer handle it. Hackers routinely employ these tactics to take sites they don’t like down.
And GitHub has many enemies. In 2015, the Chinese government was allegedly behind a similar attack as retaliation on GitHub because it hosted software that enabled Chinese Internet users to bypass the country’s strict online censorship system also known as The Great Firewall.
In a later blog post, GitHub explained how the impressive attack was possible. Hackers reportedly hijacked a distributed memory system known as “memcaching” to fire the huge amount of data at the website.
GitHub Quickly Bounces Back after the Attack
Hackers made clones of GitHub’s internet protocol address to take control of the memcaches that the company made accessible to the public internet. This enabled them to massively amplify the traffic volume heading to the website’s servers.
The hijacked memcached systems were able to multiply the normal traffic by up to 50 times, Wired said. The massive influx of traffic, though, couldn’t take the website down for more than a few minutes.
Akamai Prolexic helped GitHub in those critical moments by rerouting the enormous traffic via its ‘scrubbing’ networks which weeded out and blocked the data suspected to be malicious. After eight minutes into the attack, hackers backed down and stopped.
The website faced an outage for just five minutes, had issues with maintaining connectivity for four more minutes and stabilized around 17:30 UTC. GitHub said it would replicate the attack to furtther beef up its defenses.
Image Source: Flickr