Tag Archives: ddos-defense

Credit unions among industries that suffered more DDoS attacks in 2013

A growing number of data center outages are caused by distributed denial of service attacks. On a technical level, DDoS campaigns are much more complicated to address than other leading causes such as human error or IT equipment failure. Accordingly, they often cost hundred of thousands of dollars to resolve. Throughout 2013, credit unions were increasingly targeted by DDoS attacks that overwhelmed their websites with traffic and sometimes created distractions so that other threats could bypass IT security. Going into 2014, mitigating risk from DDoS through software and backup solutions will be the key to reducing the costs and consequences of IT outages. Report finds that DDoS, equipment failure among the leading causes of outages According to one think tank’s research, DDoS attacks accounted for only 2 percent of outages at 67 U.S. data centers in 2010. By 2013, the share had risen to 18 percent. Perpetrators have benefited from ongoing increases in network speeds and the growing complexity of IT infrastructure, both of which have made it much easier to generate massive amounts of fraudulent traffic. The resulting server and equipment failures have footed IT departments with some steep bills. Outages caused by DDoS attacks typically ran $822,000 apiece, far outpacing the $380,000 price tag for incidents attributable to human error. Equipment issues were the most expensive cause, with each event costing slightly under $1 million. While the length of data center outage has gone down over the past few years, related expenses have risen. The average 2013 incident lasted 86 minutes, but cost $690,204, or 37 percent more than in 2010. Credit unions have felt the impact of more frequent DDoS attacks The rise of DDoS attacks has affected IT operations at credit unions, which were targeted by several prominent campaigns in 2013. A $4 billion credit union in Pleasanton, Calif., and a $1.6 billion one in Austin, Texas, had online services knocked out for hours at a time in the wake of DDoS attacks. More specifically, cybercriminals have honed tactics that put financial institution computers through the motions until they become exhausted. For example, a DDoS attack may ask a site for password resets on thousands of spurious accounts, forcing the system to go through each request. Some DDoS incidents may be distractions that facilitate wire theft, but others are politically motivated. Credit unions may need better preparation against DDoS risk, especially since some simply rely on online banking providers or ISPs to protect data. Restore on reboot software can be easily deployed by IT administrators as part of an imaging solution, and it provides fine-tuned management of all office endpoints. Organizations can ensure that kiosks and cash dispensing services remain active even in the event of a crash or attack. Source: http://www.faronics.com/news/blog/credit-unions-among-industries-that-suffered-more-ddos-attacks-in-2013/

Read the article:
Credit unions among industries that suffered more DDoS attacks in 2013

JP Morgan Chase and Bank of America targets for DDoS attacks

Major US financial firms JP Morgan Chase and the Bank of America have been targeted by a distributed denial of service (DDoS) attack, according to one hacktivist group. The European Cyber Army has claimed it waged the attack that disrupted online services for customers of the companies between 10:30am and 2:30pm on Tuesday (28 January). It is the latest in a long line of DDoS attacks that the group has admitted to, with the federal court system one organisation recently impacted. Reports suggest the group have also been responsible for disruptive online attacks in Asia, the Middle East and Europe. Both the Bank of America and JP Morgan Chase has refused to comment on the attack, but customers took to Twitter to complain about the outage to online services. Several executives at organisations that track DDoS activity confirm they saw indications two leading US banks were hit on Tuesday. The news of the DDoS attacks comes as Aleksandr Panin, the Russian programmer who created the SpyEye bank hacking tool, was successfully prosected in the US. Source: http://www.bobsguide.com/guide/news/2014/Jan/30/jp-morgan-chase-and-bank-of-america-targets-for-ddos-attacks.html

View post:
JP Morgan Chase and Bank of America targets for DDoS attacks

US-CERT warns of NTP Amplification attacks

US-CERT has issued an advisory that warns enterprises about distributed denial of service attacks flooding networks with massive amounts of UDP traffic using publicly available network time protocol (NTP) servers. Known as NTP amplification attacks, hackers are exploiting something known as the monlist feature in NTP servers, also known as MON_GETLIST, which returns the IP address of the last 600 machines interacting with an NTP server. Monlists is a classic set-and-forget feature and is used generally to sync clocks between servers and computers. The protocol is vulnerable to hackers making forged REQ_MON_GETLIST requests enabling traffic amplification. “This response is much bigger than the request sent making it ideal for an amplification attack,” said John Graham-Cumming of Cloudflare. According to US-CERT, the MON_GETLIST command allows admins to query NTP servers for traffic counts. Attackers are sending this command to vulnerable NTP servers with the source address spoofed as the victim. “Due to the spoofed source address, when the NTP server sends the response it is sent instead to the victim. Because the size of the response is typically considerably larger than the request, the attacker is able to amplify the volume of traffic directed at the victim,” the US-CERT advisory says. “Additionally, because the responses are legitimate data coming from valid servers, it is especially difficult to block these types of attacks.” To mitigate these attacks, US-CERT advises disabling the monlist or upgrade to NTP version 4.2.7, which also disables monlist. NTP amplification attacks have been blamed for recent DDoS attacks against popular online games such as League of Legends, Battle.net and others. Ars Technica today reported that the gaming servers were hit with up to 100 Gbps of UDP traffic. Similar traffic amounts were used to take down American banks and financial institutions last year in allegedly politically motivated attacks. “Unfortunately, the simple UDP-based NTP protocol is prone to amplification attacks because it will reply to a packet with a spoofed source IP address and because at least one of its built-in commands will send a long reply to a short request,” Graham-Cumming said. “That makes it ideal as a DDoS tool.” Graham-Cumming added that an attacker who retrieves a list of open NTP servers, which can be located online using available Metasploit or Nmap modules that will find NTP servers that support monlist. Graham-Cumming demonstrated an example of the type of amplification possible in such an attack. He used the MON_GETLIST command on a NTP server, sending a request packet 234 bytes long. He said the response was split across 10 packets and was 4,460 bytes long. “That’s an amplification factor of 19x and because the response is sent in many packets an attack using this would consume a large amount of bandwidth and have a high packet rate,” Graham-Cumming said. “This particular NTP server only had 55 addresses to tell me about. Each response packet contains 6 addresses (with one short packet at the end), so a busy server that responded with the maximum 600 addresses would send 100 packets for a total of over 48k in response to just 234 bytes. That’s an amplification factor of 206x!” Source: http://threatpost.com/us-cert-warns-of-ntp-amplification-attacks/103573

View the original here:
US-CERT warns of NTP Amplification attacks

DDoS attacks costly for online companies

Distributed denial of service, or DDoS, attacks can be hugely damaging to companies that rely on their online presence for sales and new business, says DDoS mitigation provider, Prolexic. “All businesses are potentially vulnerable as there are no advance warnings of DDoS attacks, and no way to know if and when your business could be targeted,” says sales and innovation director at DRS, Jayson O’Reilly. “However, if your business is dependent on its Web site to service customers, you should have protocols in place to defend against an attack, should it happen.” O’Reilly states that some businesses are more vulnerable, or more likely to be a target, than others, which is largely industry dependent. Retail, financial services and gaming sites are popular targets. “Businesses should establish the likelihood of attack, or if they have already been a target, what sort of volume of attacks they have experienced. If they have experienced attacks, were these prolonged, or particularly strong? These questions can help a business select a suitable level of DDoS protection,” he says. He adds that businesses that find themselves regular targets, and which have a high dependency on their Web sites for business, should consider a level of protection that comes with high service level agreements. “They should select a DDoS mitigation provider that can have a site back up almost instantaneously, and guarantee uptime. However, this is not a cheap exercise.” There are other, less expensive, options too, according to O’Reilly, which come with a choice of protection levels, guaranteeing protection up to a certain level. “This sort of protection is suitable for businesses that experience low level, less lengthy attacks. However, should an attack happen that is above the protection level the company has paid for, they would be on their own,” O’Reilly says. He says smaller businesses which haven’t yet been hit by a DDoS attack can also follow several steps to better prepare themselves in the event of an attack, adding that companies which use dedicated servers have the option of setting up a backup connection, called an out-of-band (OOB) connection, which is essentially a backup path in case of network communication failure. “In the event of the usual network becoming inaccessible, the businesses can use the OOB connection to access the server instead. A hosting provider can add an OOB connection, and at a price that won’t break the bank.” O’Reilly says network monitoring can also be a big help. “A network monitoring system that can pick up anomalous behaviour, such as sudden spikes, can act as an early warning system for a DDoS attack.” Additionally, he advises companies to be aware of where they are most vulnerable, in order to keep an eye on those points, and strengthen them wherever possible. “Add alerts for your weak points, and put plans in place to upgrade the security on these points,” he concludes. Source: http://www.itweb.co.za/index.php?option=com_content&view=article&id=69922:DDoS-attacks-costly-for-online-companies&catid=69

View article:
DDoS attacks costly for online companies

Steam, Blizzard and EA hit by DDoS attacks

There’s something about the new year that gets hackers all excited as the DDoS attacks continue. The last major attack was on 31 December with DERP unleashing their DDoS on World of Tanks, EA, Blizzard, League of Legends and DOTA 2.It looks like the hangovers have worn off as once again they hit EA and Battlefield 4 servers. EA hopped on the case with a response. In what may have been a response to that, we have no idea what’s behind their thinking with all this, another group decided Steam should be the target. We are still seeing reports that Steam is still having issues despite the attack apparently having stopped. And then it was on to BattleNet… All this is being done for shits and giggles but really achieves nothing other than annoy gamers and cause some temporary headaches for server admins. The novelty will probably wear off in a few days but as the individuals involved are being encouraged by Twitter followers expect more outages. Source: http://www.incgamers.com/2014/01/steam-blizzard-ea-hit-ddos-attacks

Continue Reading:
Steam, Blizzard and EA hit by DDoS attacks

The Year DDoS Got Real for CUs

Before 2013, Distributed Denial of Service attacks seemed to many credit union executives as something the other guys worried about. The prevailing attitude was: We’re not on anyone’s radar. We aren’t on anyone’s enemies list. Why worry? Then came January 2013 when the $1.6 billion University Federal Credit Union in Austin, Texas, and Patelco, the $4 billion Pleasanton, Calif. credit union, both acknowledged they had been knocked offline for some hours. Many big banks were taken down at the same time, in attacks claimed by al Qassam Cyberfighters, an organization that many allege is sponsored by the Iranian government. A month later, in February, both institutions were taken down another time, again in attacks claimed by al Qassam. Many banks also fell victim a second time. There were also dud DDoS attacks, such as a much-ballyhooed May 7 attack – which saw institutions fearfully running for cover from an attack said to be planned by OpUsa, a hacktivist group affiliated with Anonymous – but it amounted to nothing. As the year progressed, there were more reports of DDoS used as a diversionary tactic by criminals who sought to distract financial institution security staff with website attacks as they busied themselves perpetrating high-value wire thefts. There have been no such cases publicly linked to credit unions, but there are multiple cases linked to banks. How many credit unions have been taken down by DDoS? That number is unknown. Patelco and University were named in Internet postings by al Qassam, thus their attacks became public knowledge. The NCUA, for its part, requires credit unions that have been “significantly affected by DDoS” to notify the NCUA or their state regulators. When asked in October for the number of credit unions that had filed reports, the agency shared data showing two outages. But the regulator did not indicate that it believed that tally to be complete. CUNA Mutual, at the same time, indicated it had no count whatsoever of DDoS outages. No one really knows how many credit unions were attacked by DDoS in the year but one fact did seem to emerge. “DDoS has become a perennial, it is here to stay in the threats universe,” said Charles Burckmyer, president of Sage Data Security, a firm that claims several hundred financial institutions as clients. Just what is DDoS? The question is good, because the answer is tough to give. That’s because the format of DDoS shifted dramatically in 2013, said Rodney Joffe, senior technologist at Neustar, an Internet analytics company that also offers DDoS mitigation services. Early in the year, Joffe recalled, DDoS sought to wipe out victim websites by targeting them with huge volumes of traffic – generally assembled using resources stolen from zombie computer botnets where the machine owners have no clue their devices are digital slaves to criminals. So those targets – such as Patelco and UFCU – went down because they were overwhelmed. But DDoS attacks and mitigation strategies continually evolve, said Joffe. When one side jigs, the other responds. That showed up as many financial institutions signed up with third-party mitigation companies to provide emergency “pipe” – Internet bandwidth – to be able to deflect volume-based attacks. So the attackers switched to hitting victims with an avalanche of requests for services that had the effect of using the target computers to in effect tire themselves, noted Stephen Gates, chief security evangelist of Corero Network Security. A classic, for instance, is hitting a financial institution website with many requests for a password reset, probably for non-existent members, but the institution’s computer still is forced to go through so many motions it may become unavailable to genuine users. Pierluigi Stella, chief technology officer at security company Network Box USA, elaborated: “The (DDoS criminal’s) query is usually less than 100 bytes; the reply can be tens of thousands; so the hacker gets an amplification factor of 100. For each packet of 100 bytes the hacker sends out, you get hit by 10,000 bytes.” Multiply that by maybe several hundred queries per second and it is easy to see why this attack has proven so successful in 2013, suggested Stella. The cure, said experts, is to deploy tools that in effect scrub all data as it comes into the system. Bad data is sidelined, authentic data is passed through, and while that is easier to prescribe than it is to implement in practice, experts agreed that DDoS mitigation companies took large strides in 2013 towards building tools that in fact scrubbed incoming data with high success rates. The bad news: Nobody thinks today’s DDoS format will be tomorrow’s, and no one knows what criminals will unleash in the months ahead. Maybe the jackpot question is, how well protected are credit unions when it comes to fending off DDoS, especially as it morphs into different formats? Have they invested in state-of-the-art protections? Not very many have made those investments, said multiple experts contacted by Credit Union Times. Few credit unions will discuss their DDoS defenses on the record but off the record some have indicated that their defenses are thin. Many hope that their vendors – for Internet banking or their Internet service provider – have adequate protections in place to keep the credit union itself also protected. DDoS will remain part of the threats landscape, said multiple experts, mainly because it is effective, it is inexpensive, and it is increasingly easy to deploy. As long as it gets results, criminals will continue to use it, said Joffe. Nonetheless, he flatly predicted that we will not see more of the al Qassam-style, high-profile attacks that won headlines early in 2013. “Those attacks were politically motivated but they accomplished nothing,” said Joffe. Other experts agreed, pointing to changes in Iranian politics and a recent thawing in relationships with the United States. The upshot is that the al Qassam attacks may in fact be history, meaning there may not be more days when several dozen financial institutions are taken offline in a brazen show of Internet power. “But we will see more DDoS because it works,” said Joffe, and he specifically predicted more use of it as a diversion because if a security staff can be distracted for a half-day, that may be ample time for a wire transfer to move money out of the United States and through several hops into a destination country where funds are unlikely to be returned. Gartner analyst Avivah Litan – one of the experts who first reported the use of DDoS as a diversion – noted in an interview that good policy would be to “slow” wire transfers at times when the institution found itself under a DDoS attack. Her opinion is that simply slowing down transaction speed might sharply reduce losses. At least until the criminals figure out a new strategy – and that is a big takeaway from the 2013 DDoS saga. “This is an arms race that is no different from any other arm’s race,” said Joffe. “As we add defenses, the criminals alter their attacks and so it goes on.” The good guys win, said Joffe, by making it expensive for the criminals, such as disrupting their botnet zombie networks. “If we can make it more expensive for them than the rewards they get from their DDoS, we win,” said Joffe. “This will be survival of the fittest,” he warned. Source: http://www.cutimes.com/2013/12/18/the-year-ddos-got-real-for-cus?ref=hp

More:
The Year DDoS Got Real for CUs

Anonymous DDoS attack snowballs, affects several Microsoft services

Hacktivist collective Anonymous has taken credit for an attack that unintentionally affected a number of Microsoft services last week. On Monday, members of the loose-knit hacker group posted on Pastebin about how a distributed denial-of-service (DDoS) attack targeting Japanese Microsoft websites and servers had gone awry – resulting in several of the technology giant’s services going down. “A couple days ago a DDoS attack was launched at Japanese Microsoft (Domain) Websites and Servers,” according to the Anonymous post. “We are sorry to report that the Japanese Microsoft Websites and Servers did not go down as planned. Although something did go down. We took the pretty much the entire Microsoft domains down.” It appears the hackers had a motive. “The DDoS attack was launched in response to Taiji…Operation Killing Bay OR #OpKillingBay,” according to the post. Operation Killing Bay is an initiative protesting the slaughter of dolphins in the village of Taiji in Japan – a controversial topic that has gained a lot of coverage in recent years. “It’s the thought that counts right?” the hacktivists wrote, insinuating that they would strike against Taiji again. The claim explains why several people were reporting outages and disruptions of Microsoft services, including microsoft.com, outlook.com, msn.com, office365.com, Microsoft Developer Network, TechNet, SkyDrive, the Windows Store, sites hosted on Windows Azure, xbox.com and Xbox Live. Most of Microsoft’s affected services were restored quickly. Source: http://www.scmagazine.com/anonymous-ddos-attack-snowballs-affects-several-microsoft-services/article/322945/

See the original post:
Anonymous DDoS attack snowballs, affects several Microsoft services

Denial of Service (DDoS) Cyber attacks – are they using the same logic as terror threats?

Much has been discussed about the damage that the Advanced Persistent Threat (APT) attacks cause to corporates and governments alike. It is estimate that at least 50% of Fortune 500 companies have been compromised by APT, and the potential financial damage to these organizations is almost impossible to quantify, but probably in the trillions of US dollars. Compared to this a crude Denial of Service (DoS) attack or its more advance siblings, the Distributed Denial of Service (DDoS) attacks and Distributed Reflector (DRDoS) attacks, their outcome seems pretty benign- your site is being bombarded by thousands of request for information, until the server gives up and no-one can actually use the site. Once the attack stops, access is possible again and no damage to your IT infrastructure has occurred, no data or money was stolen and hopefully your angry customer will believe it was just a “site malfunction”. But as attack methods have become more sophisticated AND more accessible (for example, now one can simply rent hundreds of BOT computer as a service, to carry the attack for him, using a simple interface, with no need to know how to actually hack), the industry had to act, and developed means to mitigate these attacks. Several methods of DDoS mitigation exist and multiple companies offer these as a service. Now a very dangerous equation begins to unfold, one where the attacker can use simple, cheap tools (a fairly typical rate for DDoS botnet rental hovers around the $200 for 10,000 bot agents per day), and the defender must invest much larger resources, both internal (maintaining a Security Operations Center or SOC) and external (service providers), creating an inherent asymmetry. This asymmetry means that organizations wishing to mitigate this threat will keep investing (or throwing, since there is no actual gain here, only minimizing the impact) money over time, until they are in serious economic pain. And this is exactly what Islamic terrorist have been trying to do in the recent global jihad campaign- making western countries bleed money in order to try and prevent sparse attacks carried by rudimentary means. As Osama bin Laden said: “It is very important to concentrate on hitting the American economy with every available tool … the economy is the base of its military power. The United States is a great economy but at the same time it is fragile.” The risk is that using offensive cyber means one can achieve this goal much faster (and one does not have to blow himself to pieces in the process, or hurt innocent people). Therefore, prevention and not only mitigation is necessary. Organizations must be far more proactive than they are now. Sure, investments in IT security and best practices are always a good idea, but also applying preventive intelligence to greatly reduce the impact of attacks. This, couples with harsher legislation and enforcement against both the suppliers and the perpetrators of the attacks will hopefully, in the end, balance this asymmetric equation. For protection against your eCommerce site click here . Source: http://defense-update.com/20131107_denial-service-ddos-cyber-attacks-using-logic-terror-threats.html

Read the original:
Denial of Service (DDoS) Cyber attacks – are they using the same logic as terror threats?

Anonymous Philippines hack and DDoS Government sites

Critics of the Aquino administration responsible for hacking government websites will be dealt with accordingly, Malacañang warned yesterday. “There are existing laws against hacking and proper action will be taken,” Press Secretary Herminio Coloma told a news briefing when sought for comment on the latest attacks on the websites of several government agencies by activist hacker group Anonymous Philippines. “There are sufficient avenues for free expression so there is no need to resort to illegal acts such as hacking of government websites,” Coloma said. He said that sentiments against the government could be aired in street protests. According to Coloma, there is enough “democratic space” where the public can air their grievances. More gov’t sites under attack Anonymous Philippines claimed it has stopped the operation of major government websites as hackers geared up for today’s “Million Mask March” in Quezon City. In a post on its Facebook page yesterday, the group said the websites of around 100 local and national government agencies – including that of the Official Gazette, Senate, House of Representatives and the National Bureau of Investigation – were “currently down.” With the exception of the Senate website (senate.gov.ph), a random check showed that most of the national government websites in the list were accessible as of yesterday afternoon. Despite having a security feature to mitigate attacks, the Official Gazette website (gov.ph) was temporarily inaccessible yesterday. In a phone interview with The STAR, Roy Espiritu of the Information and Communications Technology Office confirmed that a number of government sites have been under distributed denial of service (DDoS) attacks since Monday. However, he said that “critical” government websites are “secure.” Espiritu said government websites are currently in the process of migrating into more secure servers as mandated by Administrative Order 39, signed by the President in July, which establishes a Government Web Hosting Service. The service seeks to “ensure the government’s Internet presence around the clock under all foreseeable conditions.” Earlier, Espiritu said they are looking into the possibility of incorporating security measures to beef up the defenses of government websites. A DDoS attack is mounted to shut down an Internet site by flooding it with access requests and overload its server handling capabilities. Websites affected by successful DDoS attacks are inaccessible to legitimate users who wish to view their content. The Official Gazette website is protected from DDoS attacks by CloudFare, which offers security by checking the integrity of browsers and looking for threat signatures from users who wish to access the site. DDoS attacks are dependent on the number of people trying to access the website at the same time. Espiritu earlier said that even the most secure websites could be affected by such attacks. In 2010, the websites of Visa and MasterCard were affected by a DDoS attack mounted by supporters of whistle-blower organization WikiLeaks. DDoS attacks are different from hacking, which requires an Internet user to access the website using the password of a legitimate administrator. Investigation According to Espiritu, an investigation will be conducted to determine the people behind the attacks on government websites. He said the people behind the attacks may be charged under the e-Commerce law as the move to shut down the websites deprived the public of the information that they need from the government. On Monday, the website of the Office of the Ombudsman was defaced by people claiming to be members of Anonymous Philippines. The latest cyber attacks on government websites came amid issues involving alleged misuse of the Priority Development Assistance Fund and the Disbursement Acceleration Program of the legislative and the executive, respectively. In August, various government sites were hacked during the Million People March attended by thousands in Luneta. Previous incidents of attacks happened during the height of discussions on various issues such as the passage of the Cybercrime Prevention Law and the territorial dispute with China. Worldwide protest The Million Mask March is an event that will be held in various locations around the globe today “to remind this world what it has forgotten. That fairness, justice, and freedom are more than just words.” According to its official Facebook page, the march will cover various topics including government, education reform, constitutional rights, freedom, unity, drug abuse, respect for all, corruption, nutrition and health and violence among children, among others. Based on the events page of the Million Mask March-Philippines, over 1,000 Facebook users have confirmed attendance in today’s march. A post by an Anonymous member said participants will meet at the Quezon Memorial Circle at 8 a.m. to discuss the activities for the day. The march will start in front of the Sandiganbayan along Commonwealth Avenue to Batasang Pambansa. In a text message to The STAR, Quezon City department of public order and safety chief Elmo San Diego said they received no application for a permit to hold a rally or a march near Batasang Pambansa today. The Anonymous member reminded participants not to bring any form of weapon, adding that the event will be held to show the public’s reaction to the mishandling of the government committed by people in power. The Department of Science and Technology (DOST) Information and Communications Technology Office yesterday underscored the need to fast track efforts to set up a more secure government website hosting facility following the latest hacking of government websites. The websites of the Insurance Commission, Southern Philippines Development Authority, Optical Media Board and that of the local government units of Bolinao, Pasig City, Pateros and the municipality of Basnud, Oriental Mindoro were defaced by members of Anonymous Philippines. Source: http://www.philstar.com/headlines/2013/11/05/1253167/palace-act-vs-hackers

GitHub Struggles With Second Day Of DDoS Attacks

Code sharing site GitHub has been fending off large distributed denial of service (DDoS) attacks for two days now, with the site repeatedly taken offline. The attacks started at around 8pm yesterday, when a “large scale DDoS attack” hit. It didn’t last long as GitHub was back online less than an hour later. GitHub downed by DDoSers again But today problems emerged again. From 10.30am, another DDoS has taken GitHub down. “We’re doing everything we can to restore normal service as soon as possible,” a GitHub spokesperson told TechWeekEurope . GitHub has been keeping users updated on its status page. “We’re simultaneously working on deflecting the attack and restoring affected services,” read a post at 11.17am. “We’re working to re-establish connectivity after the attack disrupted our primary internet transit links,” another post from 11.48am read. The site was functioning at 12pm today, but there was no update on the status page. The site has been battered by DDoS attacks throughout this year. In August, a “very large” strike was reported and it was hit twice in two days in March. Source: http://www.techweekeurope.co.uk/news/github-ddos-attacks-128704

More:
GitHub Struggles With Second Day Of DDoS Attacks