The attack was apparently conducted via a non-bot technique called an amplification attack. These use memcached database systems, says Wired, that can be queried by anyone. Attackers spoof the IP of their target and send small requests to the memcached databases, which then send a massive amount of traffic to the target system, like GitHub in this case. The answer to shutting down attacks like these is twofold, says Wired. Mitigation services like Prolexic can add filters to automatically block this sort of traffic, and owners of memcached databases can remove them from public access.