DDoS Attack Behind Latest Network Solutions Outage


A Distributed Denial-of-Service attack crippled the servers at hosting services firm Network Solutions, disrupting thousands of websites for several hours Wednesday.

DDoS attackers overwhelm servers by flooding a company's pipeline with unwanted network packets. Herndon, Va.-based Network Solutions, which manages more than 6 million domains, said on Facebook that its network security team was forced to respond to the attack. The outage is one of at least a dozen at cloud hosting providers that have affected users in 2013.

DDoS attacks are a common occurrence at hosting providers, e-commerce businesses and financial institutions. The volume, strength and length of attacks are increasing, according to a quarterly threat report issued Wednesday by Hollywood, Fla.-based DDoS mitigation vendor Prolexic. The vendor said in the first quarter of 2013 it recorded an average DDoS attack bandwidth of 48.25 Gbps, an all-time high since it began issuing quarterly attack reports in 2011.

The average attack duration is 38 hours, according to Prolexic. Website monitoring services indicate that the Network Solutions attack may have been going on for at least 24 hours before it overwhelmed the company's servers.

In June, Network Solutions had its DNS servers hijacked and reconfigured to a malicious website after it botched efforts to thwart a DDoS attack. Network Solutions released a statement at the time indicating that a "small number of customers" were impacted for several hours.

In a blog post about the incident, a network security engineer at Cisco Systems said the misconfiguration could have impacted at least 5,000 domains. "Organizations need to carefully consider how they would swiftly identify unauthorized modifications to their DNS records and how they would react to such a situation," wrote Jason Schultz, a Cisco threat research engineer.

The message from cloud security experts is that companies get what they pay for from cloud hosting providers. Companies can ensure that continuity and disaster recovery are built into a contract with a cloud provider, but additional services will come at a cost, said David Barton, principal and practice leader of the technology assurance group at Atlanta-based UHY Advisors, a business consulting firm.

Barton, a speaker this week at the MIS Training Institute's Conference on Big Data Security, urged attendees to be wary of the risks of cloud computing, which include downtime caused by DDoS attacks.

Corporate and legal teams need to be part of the review and approval process for big data projects and contracting with cloud hosting providers, Barton said. Policies and procedures should be communicated effectively so employees don't procure services on their own.

"Make sure that everyone in the organization knows that if you do this and don't get approval, there are consequences if the IT team finds out about it," Barton said.

PUBLISHED JULY 18, 2013