Our network fell victim to a highly sophisticated distributed denial of service (DDoS) attack late Wednesday night.
This attack overwhelmed not only the AT&T datacenter at which our sites are hosted, but also nine others across the East Coast.
The attack took down all of UBM Tech's communities, including EnterpriseEfficiency.com, and our IT team worked round the clock to get the situation resolved. Our sites returned to full functionality at about 6:00 p.m. ET on Thursday.
According to UBM Tech managing director Stephen Saunders, this was the first time in 13 years that we have had such an occurrence on our network. Saunders goes on to state:
Unfortunately, DDoS attacks are becoming increasingly common (two thirds of financial institutions were impacted by denial of service incidents in 2012; other victims include The New York Times, the FBI, Microsoft, Amazon, and eBay). While it is not possible for us to guarantee that we will not be affected again, we are currently undertaking an analysis of our Web infrastructure to limit the chance of a recurrence to the maximum extent that is possible.
As our investigation continues, we hope to share with you details about our experience. In the meantime, we'd love to hear your DDoS stories. Have you ever experienced one firsthand? What actions or best-practices do you recommend? Share your insights and experiences in our comments section below.
@H_H: You're correct, an attack of this nature is certainly a wake-up call. As our managing director says, we'll be looking at ways to harden our setup so that this doesn't happen again. As we often warn others to take security seriously, now we can speak firsthand to what happens when you experience a DDoS attack. Let's hope it ends here!
@tjgkg: That's great news about the Pentagon recognizing cyberwar soldiers, I'm sure they are the unsung heroes whose only gets attention when they fail. For sure the incidents of nation-state involvement are accelerating. It's hard to imagine why Iran or China would want to target little old Enterprise Efficiency. Then again, we are a small part of a large, multinational media company, UBM Tech, so perhaps we became a target by dint of that association. Intriguing, indeed.
@CMTucker: Great question. We're awaiting more info from our VP of IT. My initial thought was that it hactivist horseplay. Obviously it's a much more serious issue if it's a probing attack. Also questions arise about the circumstances around the attack. I can't reveal the details, unfortunately, but the way it was perpetrated leads some in the company to surmise that it had to be done by someone with intimate knowledge of our network. Needless to say, conspiracy theories abound. Being a big fan of conspiracy theories (and detective work) I'm eagerly awaiting more information.
"I am glad to see our community back up and running so quickly."
The IT team has done quite an impressive job to restore most the site functionalities back in such a short time. Their work has gone through fire and has not burned. But they should be aware that the threat remains real and they shall not rest on their laurels.
First off I am glad to see our community back up and running so quickly. These attacks are indeed becoming more commonplace but the worst thing about it is that now nation-states are getting involved. The DDoS attacks recently on the banking industry has been linked to Iran. The Chinese hacked up the NY Times and other publications. To show have far cyberwarfare has come, even the Pentagon has issued a new decoration called the Distinguished Warfare Medal which will be awarded to cyberwar soldiers and drone pilots. It is also fairly prestigious ranking above the Bronze Star. That shows you how our government looks at this issue.
The blogs and comments posted on EnterpriseEfficiency.com do not reflect the views of TechWeb, EnterpriseEfficiency.com, or its sponsors. EnterpriseEfficiency.com, TechWeb, and its sponsors do not assume responsibility for any comments, claims, or opinions made by authors and bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Please join us for the "IT Convergence Strategies: Why, When and How " to learn more about:
• 5 truths about infrastructure convergence today that go beyond the hype
• How to exploit the 4 phases of convergence maximum efficiency and agility
• Key milestones to plan for on the convergence journey
• Why integrated management is a critical component of convergence plans
• The importance of an open, modular approach, such as Dell’s active infrastructure, to building a converged data center
Enterprise Efficiency is looking for engaged readers to moderate the message boards on this site. Engage in high-IQ conversations with IT industry leaders; earn kudos and perks. Interested? E-mail: email@example.com
Dell's Efficiency Modeling Tool The major problem facing the CIO is how to measure the effectiveness of the IT department. Learn how Dell’s Efficiency Modeling Tool gives the CIO two clear, powerful numbers: Efficiency Quotient and Impact Quotient. These numbers can be transforma¬tive not only to the department, but to the entire enterprise. Read the full report
Now that TGen has broken new ground in genomic research by using Dell's storage, cloud, and high-performance computing solutions, the company discusses what will come next for it and for personalized medicine.
The Translational Genomics Research Institute wanted to save lives, but its efforts were hobbled by immense computing challenges related to collecting, processing, sharing, and storing enormous amounts of data.
VMware has a new solution to the MDM problem, two virtual phones inside a real phone, at least for Android phones. Currently limited to two models, the idea could expand and provide a way of letting companies harmonize their need to manage corporate use of phones while preserving BYOD.
There's a lot of hype about virtualization of networks, NaaS, and SDN, but there's a couple of proven applications that enterprises could adopt right now and potentially save money and improve operations.
Skype/Outlook UC integration means we're going to have competition and fragmentation of UC client architectures, but is that bad? Modern devices can support IM, email, voice, and video clients, so maybe it's the back end of UC we need to be worried about.
Workers are now used to portable device support throughout their everyday lives. We should be looking at the policy of providing fixed-desk devices to support stationary workers. Could portable support be smarter?
Input devices run the gamut, from the humble Missile Command-style trackball to advanced speech recognition. Unfortunately, these input devices can be used for evil as well as good. Case in point: mobile ads that want you to talk to them.
Enterprises want three things in storage systems: First is some speech-recognition way of capturing videoconference data for indexing; second is semantic/AI analysis of emails and IM for content indexing; third is a better system for managing hierarchical layers of storage.