September 18, 2012
Last Monday, the world’s largest domain registrar, GoDaddy, was stopped in its tracks. Although GoDaddy later claimed accountability for the six-hour service outage, citing “a series of internal network events that corrupted route data tables,” a self-proclaimed member of the hacktivist group Anonymous also took responsibility on Twitter.
The Twitter user @AnonymousOwn3r explained the motive behind his “attack”: “I’m taking godaddy down because, well, I’d like to test how the cybersecurity is safe and for more reasons that I can not talk now (sic).”
This claim, coupled with GoDaddy’s delayed explanation of the internal error, caused confusion and speculation over whether this was a hack. The incident resembled a DDoS attack, as all GoDaddy-hosted websites were down. But a typical DDoS attack wouldn’t have compromised non-hosted DNS (Domain Name System) servers.
Even though signs point to in-house technical difficulties in this instance, the lack of clarity affected the reputation of the DNS provider, and the outage, regardless of the source, impacted the productivity of thousands of enterprises that rely on uninterrupted service.
This incident is yet another reminder that we have entered a new phase in protecting our networks. Hacks today are often much more subtle than in the past, and it is increasingly difficult for security teams to know quickly, when a disruption occurs, whether it is due to internal network issues or an intrusion.
It also points to the need for security teams to ensure multiple layers of protection are in place at each node in the network, and to have in place a methodology for studying intrusions. This protection and information will help security teams eliminate certain causes for outages immediately and enable them to focus attention on likely causes, whether network- or intrusion-related.
GoDaddy did not suffer a breach, but the scare is a strong reminder that security teams must continuously review and uplevel their security architectures and their processes for identifying sources of network disruptions, and have strategies in place to communicate with customers, partners, investors and other key stakeholders.
We’re eager to hear your tips and best practice suggestions.
Darin Andersen is the Vice President & General Manager for Norman North America and has more than 20 years of experience in software and security sales management.