GitHub DDoS attack 2018

Written by Mike Boutwell

September 12, 2022

DDoS, also known as Distributed Denial-of-Service, is a cybercrime activity in which the attacker floods a server with internet traffic that prevents users from accessing connected online services and sites. Many businesses have come under the trap of a DDoS attack and have lost significant benefits. However, the most excellent DDoS attack ever recorded in history was on the 28th of February 2018, whereby GitHub was the victim. The attackers in this DDoS case took advantage of a catching system called Memcached. The attackers used the “growth factor”. This article will discuss in detail the largest DDoS attack to ever have been recorded and how you can prevent yourself from it!

GitHub is a famous online code management site widely used by millions of developers. It was the target. As the website ‘’ became unavailable for some time, the suspicions led it to a DDoS attack. The attacker had thoroughly planned this fight. Their main goal was to ensure that access to the website was entirely prevented and ensure that availability to the website was entirely blocked. Website availability is a crucial element of running a business, and a DDoS causes one to have significant loss. Now you may be wondering how the attack was done. The attackers had planned to use a catching system known as “memchad”, which attacks the site through “memchaching”. They misused Memchached instances that they had accessed on the internet. To do so, they cheated on GitHub’s IP address. This resulted in an increase in data volumes of Memcached systems by about 50 times with a large traffic flow. A grand characteristic of this attack was the magnification factor up to 51,000, which meant it sent up to 51KB to the target for every byte sent by the attacker. 

A great lesson we learn from this attachment is that it was made purely by making a false request; it did not require great skill or resources. Moreover, no authentication was required as well. So, now how can a DDoS attack be prevented? What measures can you take? 

Firstly you can start by preparing a DDoS response plan. It could never hurt to be one step ahead of the attacker. Your security team can help you develop an incident response plan that ensures that staff members respond promptly in time of an attack. Secondly, you need to ensure high levels of network security. The more secure your website is, the safer. Then having a server redundancy can also be very helpful. It serves as a backup in the cause of an attack, as it can direct the extra traffic while the targeted system is back online. Moreover, it is also essential to look out for warning signs such as Poor Connectivity, Slow Performance, Crashes etc. Limiting network broadcasting and leveraging the cloud to prevent DDoS attacks are also safe ways to ensure security from a DDoS attack. 

We conclude this article by hoping you have learned much about DDoS attacks and how to prevent them. The key to business is ensuring a strong and secure website, so never take it for granted!

You May Also Like…