GitHub just suffered the world’s biggest DDoS attack—and barely blinked
The site, which many developers use to store code, was knocked offline briefly this week by hackers who flooded it with fake traffic.
Terror-bytes: According to Wired, the attack peaked Wednesday at a whopping 1.35 terabits of data per second; the largest previous assault, launched in 2016 against a company called Dyn, hit 1.2 terabytes per second. GitHub was out of action for five minutes and suffered sporadic outages for several more.
Beware the memcrash: The attackers used “memcrashing,” which involves exploiting memcache servers that companies use to speed up their web applications. Thousands of these machines have unsecured internet connections, and hackers can use them to boost fake traffic. In a blog post, GitHub said a memcache server can turn a single incoming byte into as much as 51 kilobytes aimed at a victim’s servers.
Knight in shining code: Github routed its traffic flood to Prolexic, an automated anti-DDoS system run by Akamai that filtered out the attack. The whole thing was over inside 20 minutes. Chalk one up for the good guys.
Deep Dive
Computing
Learning to code isn’t enough
Historically, learn-to-code efforts have provided opportunities for the few, but new efforts are aiming to be inclusive.
IBM wants to build a 100,000-qubit quantum computer
The company wants to make large-scale quantum computers a reality within just 10 years.
The inside story of New York City’s 34-year-old social network, ECHO
Stacy Horn set out to create something new and very New York. She didn’t expect it to last so long.
Making the world a data-driven place with the cloud
Cloud data modernizations is a key enabler to spur innovation and get real value out of your data, says PwC’s Anil Nagaraj and Microsoft’s Kim Manis.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.