News broke late last night that web hosting biz DreamHost has been largely crippled by a distributed denial of service attack, bringing down most of its services. DreamHost’s status page reports serious disruption to its hosting, webmail and virtual private servers, as well as degraded email performance. Stephanie Weagle, VP at Corero Network Security commented below.
Stephanie Weagle, VP at Corero Network Security:
“There are countless reasons why hosting providers must implement dedicated and automated DDoS protection; the motivations for DDoS attack campaigns are far ranging and often magnified due to the number of customers hosting providers service and the aggregate internet peering bandwidth they utilize. Hosting providers thrive on their SLA’s, and DDoS threatens service availability in varying degrees. In the event of the attack against Dreamhost, customers experienced several hours of downtime as a result of this successful attack.
“An attack on a single client of the provider—such as a high-traffic gaming service, politically sensitive site or otherwise—can create major collateral damage to other hosted customers. These innocent bystanders are placed in the unfortunate situation of suffering from second-hand DDoS damage because they are hosted on the same shared facilities as the intended victim, and the results can be devastating for both the provider and their customers.”