At around 12:15 PM ET on Wednesday, a DDOS attack of 1.3 terabits per second hit Github – one of the largest development platforms in the world.
This gigantic DDOS attack was the biggest in history, although GitHub servers were surprisingly resilient despite this extremely heavy load. The platform briefly struggled with several different outages as a system on the website tried to diagnose the situation, at which point it reached out to a DDOS mitigation service – Akamai Prolexic. This intermediary routed all of the traffic coming into and out of GitHub, and used their capabilities in order to weed out and block malicious data. After just eight minutes of a DDOS attack, the attacks gave up on trying to damage GitHub and the assault was called off.
As one of the premier development platforms for collaboration between programmers around the world, the team behind GitHub was uniquely equipped to handle such an attack. A DDOS attack of 1.3 terabits per second is unheard of, however, making it the heaviest attack in history. With a downtime of just a few minutes, GitHub came out on the other side unscathed due to their attention to network security and the quick response of Akamai Prolexic.
There were a variety of ways in which Akamai took steps to mitigate the GitHub DDOS attack. There was a general defense infrastructure that carried the brunt of the force, but the firm had also recently brought another form of mitigation online that block a DDOS attack from “memcached servers”. These servers are intended to increase the speed of many networks and websites, but they aren’t supposed to be accessible to the general public. If a hacker is able to find the server, however, they’ll be able to send requests and carry out a DDOS attack that isn’t as easily addressed by normal means.
This most recent DDOS attack isn’t the first time GitHub has dealt with a similar problem, with the platform facing an attack that lasted six days back in March of 2015 – perhaps carried out by Chinese hackers. However, since that time we’ve seen some major advancements in security technology. Hackers have had to scale up their attacks, but websites like GitHub and their DDOS protection service Akamai Prolexic seem to be a step ahead when it comes to heading off these malicious assaults.
After the DDOS attack ended, GitHub proceeded to rout their traffic through Prolexic for another few hours in order to determine there wouldn’t be a second wave of damage. It’s currently unknown why the hackers decided to target GitHub, but with an attack of that size, it’s speculated that people wanted to take down a high-profile site that would be notoriously difficult to disable. After just a few minutes, the hackers realized their efforts were futile. It will apparently take something more severe than the largest DDOS attack in history in order to take down a website like GitHub, but there’s no telling what we’ll see from hackers moving forward. Hopefully, security experts can stay one step ahead and make sure the impact of these frustrating assaults remains as minimal as possible.