CASE STUDY ON

DDoS ATTACKS
By Aria Ibnat
 TABLE OF CONTENTS

Intro to the Dyn Overview of the

DDoS Attack
01 04 GitHub DDoS Attack

Attack Methodology Attack Methodology

and Techniques
02 05 and Techniques

Results after the Results after the

Dyn Attack 03 06 GitHub Attack
 Introduction

In the realm of cybersecurity, Distributed Denial of Service (DDoS) attacks have emerged as
a formidable threat, capable of disrupting online services and causing widespread chaos. This
case study delves into two significant DDoS attacks that left a lasting impact on the digital
landscape: the Dyn attack of 2016 and the GitHub incident of 2018. These high-profile events
serve as stark reminders of the evolving tactics employed by malicious actors and the critical
importance of robust cybersecurity measures in today's interconnected world. By exploring
the intricacies and consequences of these attacks, we can gain valuable insights into the ever-
present need for vigilance and resilience in the face of the growing DDoS menace.
 The Dyn DDoS Incident
Dyn is a major DNS (Domain Name System) service
provider responsible for translating human-readable
domain names into IP addresses, ensuring the proper
functioning of numerous websites and online services.

• Revealed a critical internet infrastructure vulnerability

October 21
• Caused a widespread service disruption affecting popular websites,
services, and even IoT devices.

• Served as a wake-up call for organizations to enhance their

2016 cybersecurity measures

• Prompted greater collaboration among internet service providers,

security experts, and organizations to collectively address DDoS
threats and protect against similar incidents in the future.
 THE METHODOLOGY AND TECHNIQUE
Mirai BotNet
Mirai botnet, infected compromised
Internet of Things (IoT) devices,
turning them into a massive network
of bots under the control of the
attackers.
DNS Reflection Attacks
It was used to amplify the
assault by sending a load of
queries. The victims respond
to those cauising a volume of
traffic.
Multi-Vector Attack
Combined various DDoS techniques
and strategy for Dyn's security
teams as it required addressing
multiple attack vectors
simultaneously.
 THE OUTCOMES

• Disruption of Major Websites and Services

• Multiple Attack Waves

• Geographic Impact

• DNS Vulnerabilities Detection

• Attribution and Legal Actions

• Increased Awareness
 GitHub DDoS Incident
On February 28, 2018, the GitHub DDoS Attack emerged as a
significant cybersecurity incident that targeted the world's largest
platform for software development and collaboration. This attack
highlighted the evolving tactics employed by cybercriminals to
disrupt critical online infrastructure.

• Underscored the vulnerability of essential development tools and

services to DDoS threats.

• Generated a massive influx of traffic, reaching up to 1.3 terabits per

second.

• Highlighted the significance of rapid incident response and

preparedness in safeguarding online services.

• Encouraged greater collaboration within the tech industry to address

DDoS threats.
 THE TECHNIQUE AND METHODOLOGY
DDoS Technique
The attack primarily used a Distributed
Denial of Service (DDoS) technique,
involving a massive botnet of compromised
computers to flood GitHub's servers with
traffic. This overwhelming volume of
requests aimed to disrupt GitHub's services.
Amplification
The attackers employed amplification
techniques by sending small requests to
vulnerable servers, which generated
much larger responses. This magnified
the volume of traffic directed at GitHub,
making it more challenging to handle.
Reflection Attacks
The methodology included reflection
attacks, where the attackers exploited
insecure network protocols to bounce
attack traffic through intermediary
servers. This obscured the source of the
attack, complicating efforts to trace and
block the malicious traffic.
 THE AFTERMATH

• Increased awareness of DDoS threats

• Improved security measures

• Impact on service reliability

• Enhanced user experience

• Lessons for other organizations

• Legal actions and investigations

CONCLUSION

The Dyn (2016) and GitHub (2018) DDoS attacks represent pivotal moments in the
ongoing battle against cyber threats. These incidents showcased the vulnerabilities of our
increasingly interconnected world and emphasized the critical role of cybersecurity in
maintaining the stability of online services. As we reflect on these case studies, it is evident
that DDoS attacks continue to evolve in scale and complexity, necessitating constant
innovation in defense strategies. The lessons learned from these attacks underscore the
imperative of collaborative efforts between organizations, governments, and individuals to
fortify our digital infrastructure. In an era where our daily lives are inexorably linked to the
digital realm, these case studies serve as a stark reminder of the need for ongoing
vigilance, adaptability, and resilience in the face of an ever-evolving threat landscape.
THANK
YOU—THE END