After almost two days of disrupted service, SurveyGizmo has completely recovered from a DDoS attack. According to Jason Carolan, CTO of SurveyGizmo’s web host ViaWest, the attack was persistent and estimated at between 20 and 40 Gbps.
The attack began at 6:57 am EST on Wednesday, and just over half an hour later the company received a ransom demand by email, the company revealed in a blog post. By 8:42 am EST SurveyGizmo admitted a data center connectivity issue, and tweeted news of the DDoS attack.
SurveyGizmo “called out” ViaWest shortly after 3:30 AM EST on Thursday, but five hours later had posted more positive feedback about its primary hosting provider.
Carolan denied that the recovery attempt was at any point “abandoned,” as was claimed in a report by VentureBeat.
Just spoke to Viawest CEO. Super customer service focus. All around great recovery for last night’s communication issues. Faith restored.
— Christian Vanek (@cvanek) March 27, 2014
According to Carolan, the extended duration of the disruption was due to the attackers’ persistence. “It’s very easy for them to change attack vectors if they see things not working,” he said. “This was a very persistent attack. We counted several attacks.”
Forty-eight hours and hundreds of tweets after the attack began, it is clear from customer comments that SurveyGizmo’s aggressive and open approach to communicating with the public through Twitter had helped minimize customer relations fallout, at least with some customers.
Once service was mostly restored and surveys were coming back online from the initial attack, CEO Christian Vanek posted to the company blog, reviewing the incident and commending ViaWest for their mitigation and recovery efforts.
“While Viawest and our team had communication issues through this process their team was very committed to getting us online and they were awesome about it. I know we and the social media world have been rough on Viawest over the last 24 hours — but they totally came through for us in the end,” Vanek said. “Although I feel you, our customers, are the greatest victims in all of this, let’s not forget that Viawest was a victim of the DDOS attack too.We are incredibly grateful to their efforts in bringing us back online and are very sorry that they and their other customers suffered as well.”
Following this post, the attacker “redoubled their efforts,” according to SurveyGizmo, and while most services were restored by early Friday morning, email fixes had not yet been completed, and customers in Europe, where the attack originated, were waiting for SurveyGizmo services to be restored. No customer data was stolen during the SurveyGizmo disruption.
The winner in the whole affair is CloudFlare. SurveyGizmo announced in the blog post it had already planned to implement the company’s mitigation and protection services, and CloudFlare participated in the recovery from the event, which highlighted the importance of its services.