My sincerest apologies for those who tried to access the One Citizen Speaking site in the past few days and encountered an error message or a time-out delay. Our blog hosting company, hosting the site of many major corporations, claims they were hit with a DDoS (Distributed Denial of Service) attack.
I am having a hard time buying my hosting company’s story …
As the former Chief Technologist of Interactive Computer Corporation, I do not quite buy their DDoS story as their blogging platform appears to be functioning, yet the blogs do not seem to load or display correctly when they load. That is symptomatic of an architecture, programming, and linking issue rather than a DDoS attack.
Recently, another major corporation claimed that they were being hacked and used the same sketchy DDoS excuse…
“xxxx has detected unusually high demand for services consistent with an external malicious attack characteristic of a distributed denial of service (DDoS). The Company has taken actions to isolate the suspicious activity and prevent future unwarranted access. xxxx’s technical operations teams are continuing their work to restore full functionality for xxxx users.
There is no evidence of any data breach and the Company confirmed that client data and personal xxxx data remain secure.
xxxx has also engaged with third party security forensic specialists to collect evidence to determine appropriate steps with authorities.
followed by a second story …
xxxx, a leading provider of enterprise level, on-demand automated solutions for the xxxx industry, today reported its conclusion that the recent outage to its xxxx services was not a result of a malicious attack and confirmed that there was no breach of customer data.
The characteristics of the outage initially appeared to the Company to be consistent with a distributed denial of service (DDoS) attack. However, following a thorough review of the incident, with assistance from a leading security and cybercrime forensics firm, xxxx has now concluded that there was no malicious attack on its systems. Accordingly, the Company confirmed there was no breach of client or personal xxxx data. The unexpected surge in service requests to web servers that resulted in the outage on March 31, 2014 was triggered by a confluence of factors involving network, hardware, software and demand for service.
Unlike my blog, this outage had severe repercussions possibly involving millions of dollars worth of transactions.
Bottom line …
I am unsure what to believe and will wait a little longer for the resolution to this problem. In all likelihood, I will be migrating any commercial site to another platform with more redundancy and a fail-forward ability.
Again, my sincerest apologies.