If we thought GitHub surviving the biggest recorded DDoS attack would be the end of it, we were clearly wrong. Last week's DDoS attack is now a history as DDoS mitigation firms are reporting an even bigger attack. Memcached distributed denial-of-service attacks are getting more disturbing by the day, as new attacks are now in the terabit territory.
Just a week after GitHub was temporarily knocked down by the then world's largest recorded DDoS attack, an unnamed US internet service provider has been hit with an even a bigger attack - using the same technique that exploited memcached servers.
Over 100,000 memcached servers are currently putting the stability of the internet at risk. Attackers are using these memcached servers and a new technique that abuses them to fuel the biggest DoS attacks ever seen. This technique effectively exploits a database caching system that is used for speeding up websites and networks, attackers are now amplifying their attacks by an unprecedented factor of 51,000. Using this technique, a single computer with a 100Mbps upload speed can theoretically be used to flood its target with a 5Tbps traffic.
These attacks come bringing notes demanding the targets to pay ransom for the traffic to stop.
After Cloudflare and Akamai reported a sudden increase in amplification attacks that abuse memcached servers, Arbor Networks has now revealed that there is another victim in the list. The attack reached a never before seen 1.7 Tbps. In comparison, GitHub had to handle a 1.3 Tbps DDoS attack.
"While the internet community is coming together to shut down access to the many open memcached servers out there, the sheer number of servers running memcached openly will make this a lasting vulnerability that attackers will exploit," the company said.
"Until the internet community is able to adjust and make significant progress on memcached servers, we should expect terabit attacks to continue."
Following mega data dumps of 2016 and ransomware campaigns of 2017, it appears this year is going to be about some disturbingly massive DDoS attacks as attackers continue to exploit memcached servers to amplify data volume (explained in detail here) in an effort to take down some of the biggest companies and websites.