Slashdot Mirror


'Catastrophic' DDoS Attack Hits Linode Servers Over Labor Day Weekend (softpedia.com)

An anonymous reader writes: A coordinated DDoS attack hit Linode (VPS provider) over the weekend, which the company has described as "catastrophic." The attack targeted the company's Atlanta data center, and was timed for the extended Labor Day weekend when the company had fewer employees on hand to deal with the incident. At the start of the year, after suffering a two-week-long DDoS attack, Linode announced a data breach with attackers accessing some user accounts. The company reset passwords after it detected the intrusions. Linode engineers told customers they were "experiencing a catastrophic DDoS attack which is being spread across hundreds of different IP addresses in rapid succession, making mitigation extremely difficult." The report adds: "During all this time, connectivity to the service was down, affecting Linode customers such as Clojars, a repository of open source Clojure libraries that relies on the Linode infrastructure."

36 comments

  1. Eh, what? by Viol8 · · Score: 1

    "a repository of open source Clojure libraries that relies on the Linode infrastructure"

    So these libraries are only available in one place? Haven't these guys heard of mirror sites? I know it's easy to fool Joe Sixpack into thinking The Cloud is some safe secure place and he never needs to worry about his data ever again (honest!), but one would hope people involved in writing programming libraries would have a bit more common sense.

    1. Re:Eh, what? by Anonymous Coward · · Score: 1

      Mirror sites cost money. In the end it is a tradeoff between how much mitigation you can afford vs how much downtime you are willing to accept.

    2. Re:Eh, what? by Anonymous Coward · · Score: 0

      Huh? For a library like this, as well as the Linux kernel etc., mirrors are normally supplied by universities and private companies. So the cost is resources donated (funded) through either a public or a private interest to help support the non-proprietary software model.

      So in this case the issue is obviously not about paying to mirror someone's dog-walking service or other 100% commercial site to keep it up, that would be stupid. All of those costs would be borne by the business owner.

    3. Re:Eh, what? by Anonymous Coward · · Score: 0

      In all fairness, to the Joes of which you speak, the cloud is a huge upgrade to what they have themselves on home PCs. You think these Joes know about backup cycles and offsite storage? What to backup and when? Be honest, with their terabytes of content, they don't have anything backed up because it costs too much, and takes too long. If a drive fails, "Oh shit. Better blame Apple/Dell/bloke I bought it from."

      Most sites are a stack of cards. They reference external infrastructure all the time. If that goes down, for whatever reason, their sites will not work. Management is given choices by dev staff. Invariably they'll take the cheapest options, and suck it up when things break. I've seen it plenty of times. The board rarely cares. Lost business isn't lost. It doesn't go anywhere else, it merely comes in a few days later. That's reality.

    4. Re:Eh, what? by Anonymous Coward · · Score: 0

      > Huh? For a library like this, as well as the Linux kernel etc., mirrors are normally supplied by universities and private companies. So the cost is resources donated (funded) through either a public or a private interest to help support the non-proprietary software model.

      IOW, they cost money. QED.

  2. IPFS by MartinG · · Score: 1

    Hosting static binaries such as jar files is a great use case for ipfs.

    In fact, it would be good to see package managers in general support IPFS downloading, and possibly good for privacy as well as availability.

    --
    -- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz .@adgimnoprstu
    1. Re:IPFS by Anonymous Coward · · Score: 0

      Isn't it about the same use case as torrents, with a similar level of effort?

      A CDN is plug-and-play from the client side.

    2. Re:IPFS by Anonymous Coward · · Score: 0

      > Hosting static binaries such as jar files is a great use case for RPM or apt..

      Fixed That For You.

    3. Re:IPFS by MartinG · · Score: 1

      rpm and apt are tools to fetch things from repositories, not for hosting them.

      What I am suggesting is that they could be modified to fetch packages from ipfs instead of via http.

      --
      -- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz .@adgimnoprstu
    4. Re:IPFS by MartinG · · Score: 1

      In a loose sense, ipfs _is_ a cdn.

      --
      -- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz .@adgimnoprstu
  3. If only there were a decentralized network by Anonymous Coward · · Score: 0

    We could use that and not have a single point of failure.

    1. Re:If only there were a decentralized network by roger_that · · Score: 2

      Do you mean something like, say, The Internet?

    2. Re:If only there were a decentralized network by Anonymous Coward · · Score: 2, Funny

      That's a catchy name. Do you have a prototype or are you still conceptualizing?

    3. Re: If only there were a decentralized network by Anonymous Coward · · Score: 0

      Is this The Internet disruptive? I don't want to invest if it isn't disruptive.

    4. Re: If only there were a decentralized network by Anonymous Coward · · Score: 1

      No, it's just a passing fad. It'll never have more than 640 users.

    5. Re: If only there were a decentralized network by Anonymous Coward · · Score: 1

      You mean 640k users...

    6. Re:If only there were a decentralized network by CastrTroy · · Score: 1

      I think the point is that the internet is becoming less distributed. Everybody putting their web sites up on virtual machines in "the cloud" means that there are 2 or 3 entities who are responsible for a very large number of websites. Even if they use multiple datacenters, they are all interconnected so that if one fails, other datacenters can take over, but sometimes this has even more disastrous effects where a chain reaction takes down an even bigger part of the network.

      Some people are taking this to an extreme and just doing things that don't make a lot of sense. Using Google's version of certain JavaScript libraries comes to mind. Sure, Google isn't very likely to go down, but it's kind of a bad idea to rely on some third party for something that you could easily host yourself, all in the name of shaving a few milliseconds off the page load time.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
  4. *Labour by Anonymous Coward · · Score: 0

    n/t

    1. Re:*Labour by Anonymous Coward · · Score: 0

      It's "Labor" in the US: https://en.wikipedia.org/wiki/...

    2. Re:*Labour by Anonymous Coward · · Score: 0

      Sure, just as soon as you wankers make it a holiday over there where you spell things with a Frenchie 'u' in them.

    3. Re:*Labour by Anonymous Coward · · Score: 0

      Better than being the sort of person who has to look up "British slang words" on Google to learn how to spell "wanker." You'd think a mirror would have done in your case, Amerikkkan.

    4. Re:*Labour by Anubis+IV · · Score: 1

      If you're Canadian, maybe, otherwise no. Labor Day is an American holiday which is not to be confused with the similarly-named Labour Day that is observed in other countries. While they may celebrate roughly the same thing, they have separate histories and are (with the exception of Canada) held on completely different dates.

      The attack was aimed at Linode's Atlanta data center, so we can safely assume that they were referring to the American holiday, not the Canadian holiday that takes place on the same day. As such, the only correct way to refer to the holiday would be as "Labor Day", given that it's the proper noun for the holiday in question. By the same line of logic, it would be entirely incorrect for an American to refer to the 1 May celebration as "Labor Day", since the proper noun for that holiday is "Labour Day" (or one of the alternate names that it goes by).

  5. Hooray we know what Linode is by Anonymous Coward · · Score: 0

    It was almost universally true that Slashdot would fail to describe what a Linode was, in any of their other astroturf articles. At least now we know - just another VPS provider but with a Linux-y sounding name.

  6. 1-ADAM12 by Anonymous Coward · · Score: 0

    Happy Birthday Martin Milner!

    Black Coffee on Me

  7. Lower staff levels matter? by Anonymous Coward · · Score: 0

    So they don't keep staff on-call? They don't have outside security firms already on speed dial? They don't have plans already in place?

    They've HAD attacks already. They should know better.

    And honestly, if the attackers are expecting you to be weak on a big holiday, and you know they are, then you MUST be prepared. The place where I used to work was notorious for taking a couple of major holidays where literally not one single employee was in any of the facilities. There were only a couple of on-call people for big clients to use. But otherwise nobody was there.

    What were probably Russian hackers hit us on one of those weekends and nobody did anything about it until 9AM the next work day. The company had no clue how much damage had been done or data stolen. It was all buried and customers were told a webserver had failed. Right.

    1. Re:Lower staff levels matter? by Anonymous Coward · · Score: 0

      What evidence do you have that suggests it was Russian hackers?

    2. Re: Lower staff levels matter? by Anonymous Coward · · Score: 0

      What makes you think staff wasn't or is never on call for this sort of thing?

    3. Re: Lower staff levels matter? by Anonymous Coward · · Score: 0

      Who is to say they didn't, and the copypasta'd article didn't bother to do its research. #rumormongering #faster #better #cheaper

    4. Re: Lower staff levels matter? by Anonymous Coward · · Score: 0

      I bet there was a lot of telecommuting. Maybe there was a traffic jam on their commute.

    5. Re: Lower staff levels matter? by Anonymous Coward · · Score: 0

      I bet as soon as the competition caught wind they thought they might join in the fun.

  8. Virtual directory for hackers by null+etc. · · Score: 1, Interesting

    Duh. Linode is one of the few hosting services that "helpfully" assigns systematic aliases (such as "linode1234.members.linode.com") to all virtual machines, basically providing a host lookup for hackers to easily target Linode hosts.

    It boggles the mind.

    1. Re:Virtual directory for hackers by Anonymous Coward · · Score: 2, Insightful

      Not providing DNS service would slow attackers down...by about 2 seconds. Very easy to scan a network.

    2. Re:Virtual directory for hackers by Anonymous Coward · · Score: 0

      Amazon assigns systematic aliases too: ec2-54-173-48-1.compute-1.amazonaws.com, ec2-54-173-48-2.compute-1.amazonaws.com, ec2-54-173-48-3.compute-1.amazonaws.com, ...

      That doesn't help attackers any. These attacks are targeting Linode itself, their entire infrastructure. Whoever's doing it doesn't give a shit what PTRs live there.

  9. Monoculture by NuclearDog · · Score: 1

    I get that a monoculture is bad, but... When was the last time AWS lost an entire data centre to a DDOS?

    It's probably exactly what the attackers want, but as someone with a responsibility first to my employer, how can I ever recommend a company like Linode?

    They need to figure this out, because every time one of these articles hits the news the reputation damage is pushing them further and further into a spiral.

    --
    This statement is forty-five characters long.
  10. wrong by Anonymous Coward · · Score: 0

    This is a DDoS attack; providing DNS is a dumb idea, as the attack continues even if the IP is switched.