GitHub Battles Its Largest-Ever DDoS Attack

GitHub, an online code repository used by several federal groups including the White House, is facing one of its largest-ever cyber threats, staff wrote in a blog post.  

The site underwent 113 hours of distributed denial-of-service attacks, resulting in a few service outages, according to GitHub. The attacks flooded the site with traffic redirected from Chinese search engine Baidu, The Wall Street Journal reported -- users were instead sent to two GitHub pages for greatfire.org, which helps bypass government censorship, and The New York Times’ Chinese language website.

“Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content," said GitHub's blog post informing users of the attack. GitHub declined to provide more detail on the threat.

Other federal groups to use the open-source coding site include the General Services Administration's IT team 18F, the Consumer Finance Protection Bureau, the Federal Communications Commission, the Agriculture Department and the U.S. Agency for International Development, among others. 

The Defense Advanced Research Project Agency uses GitHub to store elements of its Cyber Grand Challenge -- such as parts of the system it plans to use for scoring. DARPA was unaffected by the attack, according to a spokesperson. 

Much of the code on GitHub is open-source and available to the public, meaning the attack likely would not compromise confidential information.

Still, the attacks "include every vector we've seen in previous attacks as well as some sophisticated new techniques" and are an evolving threat, the GitHub blog post said. 

(Image via fotogestoeber/ Shutterstock.com)