Back in 2009 when it happened to bitbucket, this was afaik due to hosting a particular project (hurting bitbucket was a side effect of hurting this particular project, some communities seems to be happy to resolve issues with DDoS attacks...).
It could just be some rogue deployment script running from EC2 that are a little more active that it should be. Imagine someone is deploying their 1GB repo from GitHub to 100 small EC2 instances :)
My startup cucumbertown.com is hit with similar issues.
Initially we blocked all Ec2[1] & spamhaus ip list. But then realized Flipboard proxies[2], some blog aggregation proxies etc are based on Ec2 machines.
What would be a good way to block such rogue machines? Is there a community sponsored list or Ec2/Rackspace ips that are creating issues?
Banks were being hit the first week of October, then I know some VoIP servers were being hit such as Callcentric by DDoS. I can see why the banks were hit, but not why so many much smaller businesses are being attacked.
I don't think so. If you we're hosting GitHub you would figure out pretty easily if it was related to cloning a specific repo from AWS and just disable the account hosting the repo.
Care to elaborate why GitHub would be a target for a state sponsored DDOS attack? Seems a little far-fetched, for a website that is virtually unknown outside of the developer community
In the broadest sense, github is a site where anyone can upload and publicize any file of reasonable size. Depending on who is uploading what, that could easily make them a target.
There's some statistic out there somewhere from some paper which found out that like 3 out of every 4 (or something ridiculous like that) cyber attack on the US government comes from China so...it's not that farfetched.