Go Daddy investigates source of attack

Domain name registrar-Web site host Go Daddy suffered a sustained distributed denial-of-service attack Sunday. The source and motive of the assault is still under investigation.

There were intermittent problems, and things gradually got better over the four or five hours that it lasted.
Neil Warner,
CISOThe Go Daddy Group
The Go Daddy Group, Inc., which runs one of the world's largest domain registrars and Web hosting providers GoDaddy.com, is trying to determine the source and motive of a distributed denial-of-service attack that pummeled the company for several hours and knocked down a number of client Web sites Sunday. For now, company systems and services are back to normal.

During the four-to-five-hour attack, which started around 7 a.m. Sunday, a 12-person IT team worked to stay ahead of an army of IP addresses directing traffic at the Scottsdale, Ariz.-based company's systems. The assault caused various client sites to go down intermittently.

"It was never a case where everything was down for the entire attack," Neil Warner, Go Daddy's chief information security officer, said during a phone interview Monday afternoon. "There were intermittent problems, and things gradually got better over the four or five hours that it lasted." In addition to the company's hosting services, email was affected.

Warner wouldn't say exactly how many client sites went down during the attack. He said it's too soon to tell who launched it and what their motivation was.

"I don't want to get into those details because I don't want the bad guys to go after us again," he said. "But an investigation is ongoing."

DDoS attacks:
SearchSecurity.com's Intrusion Defense School: Intrusion Defense School puts the pieces of intrusion defense -- antivirus, antispyware, IDS/IPS, etc. -- in perspective to help you implement a strategy that meets your organization's needs.

Thwarting Hacker Techniques: This guide provides you with a plethora of tips, expert advice and Web resources that offer more in-depth information about hacker techniques and various tactics you can employ to protect your network.


He said it didn't take long for his team to determine that an attack was taking place. "We looked through the logs to see which IP addresses it was coming from, and it was immediately clear a bunch of IP addresses were trying to bog us down," he said.

Warner said the company's security policies proved successful in containing the attack. Those policies include a game plan for what the IT shop must do in the event of trouble.

"We were able to identify this quickly," he said. "We had the right team in place and I was involved within minutes."

There had been early speculation that the company's service outages were related to the earlier-than-usual start to daylight-saving time (DST), which sent many IT professionals scrambling to fix problems Sunday and Monday. But Warner said DST had nothing to do with it.

"For DST, we had staff on Saturday night and all-day Sunday to ensure there would be no problems," he said. "It was a different staff from the one that handled the attack. Everything went fine with DST."

Founded in 1997, The Go Daddy Group has grown to include more than 18.6 million domains under management, the company said on its Web site. It offers "comprehensive" hosting services, Web site creation tools, Secure SSL certificates, personalized email with antispam and antiphishing measures, and e-commerce tools.

Dig deeper on Denial of Service (DoS) Attack Prevention-Detection and Analysis

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close