As most of you probably know, www.itslearning.com saw some serious disruption to its service yesterday. We have logged more than 5 hours of downtime, most of it within core working hours. This makes yesterday one of the worst days we have had in terms of quality of service, and this is treated with the utmost seriousness.
Yesterday at 9.16 we were hit by the first of (at least) three pretty large "Distributed Denial of Service attacks" (Wikipedia). Within a minute, traffic to our login page increased to 20 times the amount we find during peak hours. The increase in traffic was too much for some core services and we crashed.
Is itslearning not protected against this type of attack?
We already have in place a range of solutions that regularly stop this type of attack before it affects our service. Unfortunately, yesterday's attack was of a particularly malicious and coordinated type that we didn't have sufficient protection against.
Have we fixed it?
Preventing DDoS attacks is an ongoing effort, and we are always at risk of being attacked again. However, during the night we introduced several new security measures that will prevent attacks similar to the one we saw yesterday. Other measures will be released shortly. Please note that we will not release any details or time scales related to security measures taken to protect itslearning.
Was this a deliberate attack on itslearning or were we a random victim?
These types of attacks do not happen randomly or by accident. This was a deliberate attack on our business and is taken seriously. We will cooperate with the appropriate Norwegian authorities to fight this type of computer crime and a police report will be filed. If you have any information you think could be related to this incident, please do not hesitate to contact us by e-mail (post(at)itslearning.com) or using this form (anonymous).
Has any customer data been compromised during the attack?
No. The purpose of this attack was only to disrupt the service. No customer data has been compromised; customer data and user accounts are safe.
Posted on Tue, January 13, 2009
by Øyvind Flatnes