Feeds

GitHub wipes hand across bloodied face, stumbles from brutal DDoS beating

Wouldn't have happened if you'd just used SVN, eh!

Build a business case: developing custom apps

Popular source-code warehouse GitHub was back online today after weathering a huge denial-of-service attack throughout the week.

The status page of the San Francisco-based outfit charts the progress of the assault and the attempts to end it. Problems with the web service first cropped up on Tuesday, 1 October, before the team realised they were facing a denial-of-service storm. This first wave was dealt with late on Wednesday only for a second phase of the attack to flare up again on Thursday.

Barry Shteiman, director of security strategy at data centre security firm Imperva, said a titsup GitHub would have had a knock-on effect on programmers at many organisations.

“GitHub’s business is to act as a code repository for companies big and small. This is unfortunately a brutal case of the impact of third party services on business security and availability," he said.

Ashley Stephenson, chief exec of security appliance firm Corero Network Security, added the multi-phase pattern of the attack against GitHub is typical of other denial-of-service attacks.

"From what GitHub have disclosed it looks like the DDoS [distributed denial of service] attacks targeted at their networks followed a very typical progression," Stephenson said. "It is not unusual for attackers to probe a site with different attack vectors to figure out what type of vulnerabilities exist. It is likely that as the attacker(s) saw that GitHub were able to stop one type of DDoS attack they modified the characteristics of the attack until the website and services were again impacted."

"A second wave of attacks, just a day later, is also a common sequence, more than likely coming from the same source, having already analysed how GitHub would likely react in trying to mitigate the attack, the second wave of DDoS attacks do appear to have been successful in taking down the site," he added.

Stephenson concluded: "We are seeing more often that DDoS attacks against web servers evolve over a period of 24-48 hours until they take down a site or their perpetrators give up and move on. GitHub have done the right thing in keeping their users informed of the status of the attacks."

GitHub is a frequent target of DDoS attacks. It suffered two major attacks in August and the same number in July alone. The possible motives much less the perpetrators behind the latest assault remain unclear.

DDoS attacks, in general, are often used by hackers to probe for vulnerabilities in a website or as a smokescreen to deflect attention from the main motives of an attack - which in the case of GitHub may involve tampering with projects' source code or similar malfeasance.

Sysadmins on the receiving end of DDoS attacks often need to tweak the settings of firewall equipment, intrusion prevention system and other security defences to compensate for the assaults. These changes can sometimes unwittingly open up further vulnerabilities. ®

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?