Skip to Content
MIT Technology Review
  • Featured
  • Topics
  • Newsletters
  • Events
  • Podcasts
    • Sign in
    Computing

    GitHub just suffered the world’s biggest DDoS attack—and barely blinked

    March 2, 2018

    The site, which many developers use to store code, was knocked offline briefly this week by hackers who flooded it with fake traffic.


    Terror-bytes: According to Wired, the attack peaked Wednesday at a whopping 1.35 terabits of data per second; the largest previous assault, launched in 2016 against a company called Dyn, hit 1.2 terabytes per second. GitHub was out of action for five minutes and suffered sporadic outages for several more.


    Beware the memcrash: The attackers used “memcrashing,” which involves exploiting memcache servers that companies use to speed up their web applications. Thousands of these machines have unsecured internet connections, and hackers can use them to boost fake traffic. In a blog post, GitHub said a memcache server can turn a single incoming byte into as much as 51 kilobytes aimed at a victim’s servers.


    Knight in shining code: Github routed its traffic flood to Prolexic, an automated anti-DDoS system run by Akamai that filtered out the attack. The whole thing was over inside 20 minutes. Chalk one up for the good guys.

    Deep Dive

    Computing

    Erik Prince wants to sell you a “secure” smartphone that’s too good to be true

    MIT Technology Review obtained Prince’s investor presentation for the “RedPill Phone,” which promises more than it could possibly deliver.

    Corruption is sending shock waves through China’s chipmaking industry

    The arrests of several top semiconductor fund executives could force the government to rethink how it invests in the sector.

    Inside the software that will become the next battle front in US-China chip war

    The US has moved to restrict export of EDA software. What is it, and how will the move affect China?

    Hackers linked to China have been targeting human rights groups for years

    In a new report shared exclusively with MIT Technology Review, researchers expose a cyber-espionage campaign on “a tight budget” that proves simple can still be effective.

    Stay connected

    Illustration by Rose Wong

    Get the latest updates from
    MIT Technology Review

    Discover special offers, top stories, upcoming events, and more.

    Thank you for submitting your email!

    Explore more newsletters

    It looks like something went wrong.

    We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.