GitHub combats DDoS cyberattack

The code repository has mitigated a new DDoS attack following a crippling salvo experienced in March.
Written by Charlie Osborne, Contributing Writer

GitHub has been working to mitigate a new DDoS attack levied against the service this week.

The code repository, used to host code ranging from security systems to application frameworks as well as data dumps, was made aware of connectivity problems on Tuesday at approximately 10.40 BST. Following an investigation into the issue, the website's team realized they were under a distributed denial-of-service (DDoS) attack, yet again.

DDoS attacks involve hijacking Internet traffic, whether through malware or browsers, and turning this traffic to an unintended target. A website may find itself under an onslaught of too many connection requests, resulting in a denial of service for legitimate users attempting to access a domain. DDoS is a common technique for disrupting websites, and may also be used as a way to distract security teams while more severe network intrusion occurs.

According to a GitHub service report, An hour later, GitHub began pushing back in an attempt to mitigate the DDoS attack, and response times were slower than usual while repairs and restoration were undertaken. At 13.52 BST, service was restored. On Wednesday, systems reported at 100 percent, suggesting the attack is now over.

GitHib has earned itself a few enemies due to content stored on the website, and so DDoS attacks are not necessarily surprising. In March this year, the site became the victim of a DDoS attack lasting close to a week.

At the time, the code repository said the cyberattack involved "a wide combination of attack vectors," as well as new techniques including the hijacking of unsuspecting user traffic to flood GitHub, killing the service.

Dubbed the largest cyberattack in the website's history, the DDoS assault was traced back to servers in China, where traffic intended for the Chinese search engine Baidu was redirected to GitHub. It is believed that the attack took place in retaliation to a "specific class of content" hosted by GitHub, including a content area ran by anti-censorship group Greatfire.org and hosted copies of the New York Time's Chinese language website, as well as other domains censored by the Great Firewall of China.

It is not yet known why GitHub is yet again under assault, or where the DDoS attack originated from.

Top 5 security practices in staying safe online: From the experts

Read on: Top picks

In pictures:

Editorial standards