I thought one terabyte per second was a big distributed denial of service (DDoS) attack, but last week the record grew to 1.35 Tbps. Github was brought down for a few minutes by a huge DDoS attack. This time it wasn’t an IoT botnet causing the DDoS, but a UDP amplification attack targeting a service called memcached. I expect more of these type of amplification attacks in the future. See the YouTube video below for more details, and make sure you aren’t exposing memcached, or any other unnecessary UDP services, to the public.
Episode Runtime: 4:29
Direct YouTube Link: https://www.youtube.com/watch?v=LFLqENAcy2Y
EPISODE REFERENCES:
- Our Secplicity blog post on Github’s DDoS – Secplicity
- Github suffers a record 1.35 Tbps DDoS attack – The Register
- Memcached servers hijacked for UDP amplification attacks – Network World
- Github’s DDoS incident report – Github
- Cloudflare’s writeup on Github’s Memcrashed attack – Cloudflare
- US-CERT’s timely alert on UDP amplification attacks – US-CERT
—Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply