(WEB HOST INDUSTRY REVIEW) — An attack directed at Neustar (www.neustar.biz), the domain name system services provider for Amazon, Wal-Mart, and Expedia, and other large e-commerce companies, took several Internet shopping sites offline the night before Christmas Eve, taking out sites completely or rendering them sluggish for about an hour, and leaving some last-minute shoppers in a lurch.
Two days before Christmas, DNS services provider Neustar, operating under the UltraDNS brand name, confirmed an attack took place Wednesday afternoon, according to a CNET report. A company representative told CNET that the attacks were directed against Neustar facilities in Palo Alto and San Jose, California.
Neustar corporate communications vice president Allen Goldberg said alarms were sounded at about 4:45 pm local time, when its systems received an unusually high number of queries, characteristic of a denial-of-service attack. Neustar’s mitigation response kicked in minutes, and brought matters under control within an hour, and limited the problems to Northern California region.
In addition to high-profile online shops, many smaller sites relying on Amazon’s web hosting were also knocked offline by the attack. Its S3 and EC2 cloud services were affected by the problems, according to tweets from Amazon’s web evangelist, Jeff Barr.
Neustar had not yet determined the source of the attack, and at least one expert said the attack may have been more widespread. “This was wider than just UltraDNS,” Packet Clearing House (www.pch.net) research director Bill Woodcock told CNET. PCH operates domain name servers and supports worldwide Internet exchange points. “It’s difficult to tell at this point how much is a DDoS attack and how much is collateral damage from the attack that is being felt in other ways… There were routing problems at some major European exchanges at the same time that caused major Internet service providers’ routers to encounter a higher load and pass fewer packets.”
“This attack is the second in as many weeks that targeted a critical piece of the Internet’s infrastructure, the domain name system,” notes security blog Security Focus. “The week before Christmas, Twitter suffered an outage after an attacker with access to the company’s DNS account changed its settings, rerouting visitors to a defacement page.”
UltraDNS was also the victim of a similar, but larger attack earlier this year, taking down Amazon, Salesforce.com, and others.
No related posts.
