Our network fell victim to a highly sophisticated distributed denial of service (DDoS) attack late Wednesday night.
This attack overwhelmed not only the AT&T datacenter at which our sites are hosted, but also nine others across the East Coast.
The attack took down all of UBM Tech's communities, including EnterpriseEfficiency.com, and our IT team worked round the clock to get the situation resolved. Our sites returned to full functionality at about 6:00 p.m. ET on Thursday.
According to UBM Tech managing director Stephen Saunders, this was the first time in 13 years that we have had such an occurrence on our network. Saunders goes on to state:
Unfortunately, DDoS attacks are becoming increasingly common (two thirds of financial institutions were impacted by denial of service incidents in 2012; other victims include The New York Times, the FBI, Microsoft, Amazon, and eBay). While it is not possible for us to guarantee that we will not be affected again, we are currently undertaking an analysis of our Web infrastructure to limit the chance of a recurrence to the maximum extent that is possible.
As our investigation continues, we hope to share with you details about our experience. In the meantime, we'd love to hear your DDoS stories. Have you ever experienced one firsthand? What actions or best-practices do you recommend? Share your insights and experiences in our comments section below.
@tjgkg: Hadn't seen that article but I agree it's a very real possibility. And if the basic infrastructure (power, water) is somehow compromised, it really isn't going to matter much what the private sector has put in place to protect itself.
Recently I read an article where a general in the Chinese army equated cyber warfare with atomic warfare. There are lots of probes going on now by nation states looking to exploit weaknesses in corporate and government cyber infrastructure. The next war could be that instead of a bomb going off in a city, the banks fail and utilities fail because of cyber attacks. While I am sure the corporate folks will take care of their businesses, I often wonder if the government is on the job.
@tjgkg: Thanks. Yes, fortunately we've made a full recovery now and all is well. Let us hope such attacks never go beyond "harrowing inconvenience" into truly dangerous territory, such as involving crtiical national infrastructure. That's when things get real.
@tjgkg: This is true. After spending last week at the RSA conference I now know that anything is possible, and probably. Our IT team as well as the service provider involved are working to harden their defenses. It seems these days the efforts by bad actors to find a weakness anywhere they can is a non stop proposition. Not a matter of "if" but "when."
@Susan Nunziata: I agree. But you know with espionage, things aren't always what they seem. They could be looking for worm holes to bigger things or it could be a military trainee starting with a little old company before he goes on to something like GM!
Over the last month or so I doubt many IT teams have had time to rest on anything let alone laurels. There seems to be a coordinated series of attacks on the cloud by nation states. This is some wakeup call to not only the government but the IT community because nothing in the cloud, including business and government is currently safe. Hell even one of our drones was hacked and that is the military.
yes, but it could be simple case where people with mental disability just looking for fame.../publicity... from what I study in humanities and basic physiology... this is could be the case for majority of the them... just to show off - jumping out from crowd... for me it a bit scary... from my point of view... they need help by med. professionals...
genius is always away from border line of normality...
@Ashish: Thanks!! And, regarding your reply to @Sara, it is interesting the media sites are increasingly becoming targets. Perhaps it's because we feel compelled to then write about the experience, giving the hackers even more exposure and free publicity. :)
The blogs and comments posted on EnterpriseEfficiency.com do not reflect the views of TechWeb, EnterpriseEfficiency.com, or its sponsors. EnterpriseEfficiency.com, TechWeb, and its sponsors do not assume responsibility for any comments, claims, or opinions made by authors and bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Please join us for the "IT Convergence Strategies: Why, When and How " to learn more about:
• 5 truths about infrastructure convergence today that go beyond the hype
• How to exploit the 4 phases of convergence maximum efficiency and agility
• Key milestones to plan for on the convergence journey
• Why integrated management is a critical component of convergence plans
• The importance of an open, modular approach, such as Dell’s active infrastructure, to building a converged data center
Enterprise Efficiency is looking for engaged readers to moderate the message boards on this site. Engage in high-IQ conversations with IT industry leaders; earn kudos and perks. Interested? E-mail: firstname.lastname@example.org
Dell's Efficiency Modeling Tool The major problem facing the CIO is how to measure the effectiveness of the IT department. Learn how Dell’s Efficiency Modeling Tool gives the CIO two clear, powerful numbers: Efficiency Quotient and Impact Quotient. These numbers can be transforma¬tive not only to the department, but to the entire enterprise. Read the full report
Now that TGen has broken new ground in genomic research by using Dell's storage, cloud, and high-performance computing solutions, the company discusses what will come next for it and for personalized medicine.
The Translational Genomics Research Institute wanted to save lives, but its efforts were hobbled by immense computing challenges related to collecting, processing, sharing, and storing enormous amounts of data.
There's a lot of hype about virtualization of networks, NaaS, and SDN, but there's a couple of proven applications that enterprises could adopt right now and potentially save money and improve operations.
Skype/Outlook UC integration means we're going to have competition and fragmentation of UC client architectures, but is that bad? Modern devices can support IM, email, voice, and video clients, so maybe it's the back end of UC we need to be worried about.
Workers are now used to portable device support throughout their everyday lives. We should be looking at the policy of providing fixed-desk devices to support stationary workers. Could portable support be smarter?
Input devices run the gamut, from the humble Missile Command-style trackball to advanced speech recognition. Unfortunately, these input devices can be used for evil as well as good. Case in point: mobile ads that want you to talk to them.
Enterprises want three things in storage systems: First is some speech-recognition way of capturing videoconference data for indexing; second is semantic/AI analysis of emails and IM for content indexing; third is a better system for managing hierarchical layers of storage.