GitHub Suffers Largest DDoS Attack in History: 1.35 Tbps via Memcached Amplification
What happened
GitHub was hit by what was then the largest distributed denial-of-service attack on record, peaking at 1.35 Tbps. Attackers exploited publicly exposed Memcached servers, which amplify traffic by up to 51,000x. GitHub absorbed the attack with Akamai's Prolexic DDoS mitigation and was offline for only 10 minutes.[1]
What went wrong
The attack exploited a design property of the Memcached protocol rather than a bug — UDP-based Memcached servers respond to spoofed source IP requests with massive amplified responses. Tens of thousands of internet-exposed Memcached servers provided the amplification infrastructure.[1]
Lesson learned
Stateless UDP services capable of significant amplification should never be exposed to the public internet. DDoS mitigation must be pre-integrated, not reactively arranged after an attack begins. The 10-minute recovery demonstrates how effective pre-arranged scrubbing can be.
Sources
- [1] GitHub Engineering GitHub Suffers Largest DDoS Attack in History: 1.35 Tbps via Memcached Amplification