In a dramatic event with far reaching effects the Internet registrar GoDaddy.com, reportedly the largest hosting provider for secure websites, went down on Monday, the 10th of September, taking thousands, maybe millions, of websites with it and for about six hours the sound of screaming and desk pounding was heard far and wide. At one point GoDaddy turned control of the company’s DNS services to rival VeriSign in hopes of restoring some usage.
The first to claim responsibility was a hacker Tweeting under the moniker, @Anonymous Own3r. In broken English he/she sent the message, “I’m taking godaddy down bacause well i’d like to test how the cyber security is safe and for more reasons that i can not talk now.”
Several Internet security experts also seemed to confirm @Anonymous Own3r’s claim of causing denial of service to GoDaddy. Distributed Denial of Service (DDoS) is when a flood of incoming messages to a target system (GoDaddy in this case) essentially forces it to shut down, thereby denying service to the system to legitimate users.
And in the wake of DDoS events from various hackers under the Anonymous name it did seem plausible that they had engineered the attack. The press jumped on and most claimed the hacker entity was responsible.
The next day GoDaddy.com announced that the DDoS wasn’t the result of a hacker attack after all but a “router issue”.
“We have determined the service outage was due to a series of internal network events that corrupted router data tables,” GoDaddy.com interim CEO Scott Wagner said in a company statement. “Once the issues were identified, we took corrective actions to restore services for our customers and GoDaddy.com. We have implemented measures to prevent this from occurring again.”
There are those who think the statement from GoDadddy.com is a bit fishy and vague. Ira Victor, a security expert with Data Clone Labs in Nevada trained in digital forensic incident response (DFIR), said we may never know for sure.
“It could be a network failure, it could be that it was one of these anonymous groups … or it could be something else altogether,” Victor told FoxNews.com.
Pretty conclusive isn’t it?
This incident is another example of the vulnerability of anyone in the online universe. Some experts say as little as 50 computers linked together could have caused millions of GoDaddy’s clients to go dark.
So can a business protect itself from this sort of interruption?
GoDaddy, which hosts more than 5 million sites, has been a subject of hackers’ ire because it publicly supported federal anti-piracy legislation called the Stop Online Piracy Act, or SOPA. So it may have made itself a target simply by its politics. Either way it exposes a huge vulnerability to a company that hosts the bread and butter of millions of small businesses.
Perhaps hosting your website in a quieter corner of the web may be a way to protect your business. Equip your computers and servers with all the anti-bad stuff software. Before signing with an Internet Service Provider ask them what they will do for you in case of a service denial. They may be able to protect you or they be forced to abandon you to avoid bandwidth loss to their other clients. Most bad guys will leave you alone if you’re protected and move on to bigger fish (like GoDaddy). Other than that DDoS is a possibility for just about anyone.