While a major DDOS attack targeting GitHub was announced in early March, new news evokes a distributed denial of service operation of even greater magnitude.
Records are made to be beaten, they say. However, there are certain exploits that one is not particularly eager to see being surpassed. This is typically the case of computer attacks: at the beginning of March, there was talk of an exceptional distributed denial of service attack (DDOS) targeting GitHub, a site used for hosting and managing software development.
According to Akamai, a company that hires cache servers to duplicate the content of a site and allow the distribution of requests from users, which is very convenient when the traffic is massive, the attack has reached a peak traffic of 1.3 Terabits per second, which made him say that it was perhaps "the most important attack of DDOS publicly disclosed".
The records recorded by Arbor Networks over time.We know now that there has been worse: the company Arbor Networks, which markets solutions to protect itself from certain computer attacks, announced Monday, March 5 that one of its customers were targeted by a DDOS attack whose peak traffic reached 1.7 terabits per second. And according to Carlos Morales, one of Arbor Networks executives, the same procedure as against GitHub was used.
It's about using memcached technology, which allows you to cache data and reduce the load on high-memory-intensive services to amplify and reflect traffic. In the example given by Akamai to illustrate the multiplier power of the attack, it is explained that a request of just 203 bytes can generate a response of 100 megabytes.
"The era of terabyte attacks is upon us"
Other amplification and reflection attacks, such as Connection-less Lightweight Directory Access (CLDAP), which can already do significant damage and downgrade a website, do not offer such multiplier power. In the case of CLDAP, it increases the volume of traffic from 46 to 55 times, even 70. In the case of an attack via memcached, the increase climbs to 50,000.
"Although the profession is working to close access to many open memcached servers, the countless number of open-mode memcached servers will make this vulnerability sustainable and attackers will exploit it. It is crucial that companies take the necessary steps to protect themselves, including by implementing current best practices, "writes Arbor Networks.
And to warn: "the era of terabyte attacks is upon us".