GitHub Survives The Most Powerful DDoS Attack In History: More To Come?

The massive DDoS attack that almost brought down US internet
GitHub survived the most powerful DDoS attack in history that peaked at 1.35 TB per second. The software development website lived through the ordeal, but while the Memcrashed method is still available, even more powerful DDoS attacks may launch soon.  ( Saul Loeb | Getty Images )

GitHub survived the most powerful distributed denial of service attack in history, with the DDoS attack flooding the software development website with internet traffic that reached a peak of 1.35 TB per second.

GitHub lived through the DDoS attack, with the website going down for only a few minutes. However, things do not end here, as an even stronger attack will likely happen soon.

GitHub Survives The Most Powerful DDoS Attack

On Feb. 28, at about 12:15 pm ET, the most powerful DDoS attack ever recorded struck GitHub. In 10 minutes, GitHub was able to request for help from Akamai Prolexic, which routed all the traffic and pushed the data past its scrubbing centers to identify and block the malicious packets. After about eight minutes, the people behind the DDoS attack withdrew.

In comparison, the DDoS attack on Dyn in October 2016 peaked at 1.2 TB per second. The attack on the internet infrastructure company resulted in connectivity issues across the United States, taking down many popular websites and online services such as Reddit, Netflix, Spotify, and Twitter.

According to Akami VP of web security Josh Shaul, it was able to protect GitHub from the 1.35 TB DDoS attack because the security company designed its capacity to withstand attacks that are up to five times more powerful than the strongest one that was previously recorded.

"So I would have been certain that we could handle 1.3 Tbps, but at the same time we never had a terabit and a half come in all at once. It's one thing to have the confidence. It's another thing to see it actually play out how you'd hope," Shaul told WIRED.

Memcrashed Will Attack Again

While the DDoS attack on Dyn was powered by the Mirai botnet, which infected tens of thousands of internet-connected devices to generate the traffic, the attack on GitHub was different. The people behind it did not use a botnet but rather utilized a new attack method named Memcrashed.

Memcrashed exploits the memcached program, which is an open-source caching system commonly used by websites for faster speed. However, some system administrators have unsecure memcached-enabled servers, which can be used by attackers to contribute to a DDoS attack.

The memcached technology is capable of amplifying internet traffic by over 50,000 times, done by spoofing the IP address of a website. The memcached servers will then flood the website with data, with the goal of taking the target offline.

Security experts are now urging the owners of tens of thousands of open memcached servers to place them inside firewalls to prevent attackers from exploiting them. However, while the unsecure servers are still available, the chances are high that another Memcrashed attack will launch soon, and they may be more powerful.

© 2018 Tech Times, All rights reserved. Do not reproduce without permission.

From Our Sponsor

Entropia Universe Gaming Achievements: Guinness World Records, Investor Successes, And More

Entropia Universe, launched in 2003, has come a long way, earning both the game as well as its creator, several accolades. We take a look at some of the achievements.
Real Time Analytics