Web companies are starting to get pretty good at deflecting denial of service attacks, and Github and Akamai largely fended off the biggest attack ever recorded by security engineers this week thanks to some quick action and forethought.
Denial of service attacks are relatively simple, in a way; an attacker marshalls a huge network of computers and floods the target website with requests for that site, overwhelming its ability to serve the site to legitimate requests for access. Such attacks have plagued the internet since its earliest days, but Wired on Thursday posted an account of such an attack on Github Wednesday morning that failed to completely take down an important and widely used software development tool.
Github endured a few sporadic outages as the largest attack ever recorded — 1.3 terabytes worth of traffic flooding its networks — hit its but was able to avoid a prolonged outage thanks to help from Akamai, which offers anti-DDoS services to a variety of web clients. Companies like Akamai and Cloudflare essentially step in front of the fire hose of traffic on behalf of their clients, redirecting it across their own disparate networks and analyzing that traffic in order to separate legitimate traffic from malicious traffic.
The last big DDoS attack of note, which caused widespread internet problems in 2016, used an army of dumb internet-connected cameras and other internet-of-things devices to throw traffic at Dyn, a key part of the internet infrastructure. This attack was a little different.
Yesterday’s attack took advantage of a larger-than-recommended number of memcached servers on the public internet. Memcached servers allow companies to improve database performance by storing data much closer to the actual database, but they aren’t supposed to be accessible from the general internet.
After Cloudflare warned on Tuesday that it was seeing an increased number of attempts to take advantage of unsecured memcache servers, it didn’t take long for that technique to be put into practice against Github on Wednesday. As of Thursday afternoon, it’s not clear where the attack came from, or why Github — a central code repository software engineers around the world — for was targeted.