Akamai says attack targeted specific customers

One day after an apparent attack on its systems slowed access to leading Web sites such as yahoo.com, google.com and microsoft.com, distributed computing company Akamai Technologies Inc. said that it was the victim of a sophisticated, large-scale attack aimed at specific customer Web sites.

Monitoring systems at the company quickly detected the attack on Tuesday and the company’s staff worked with customers and network providers to shut off the source of the attack. The company’s DNS service had returned to normal by 10:45 a.m. Eastern Daylight Time Tuesday, Akamai said.

Akamai apologized to customers affected by the slow downs, but took issue with estimates from Keynote Systems Inc. of San Mateo, Calif., that access to some sites was diminished by as much as 80 per cent during the attack.

Less than one per cent of Akamai customers experienced disruptions affecting more than 20 per cent of their users, Akamai said.

Monitoring services often use private DNS servers to check Web site availability, while most Internet users rely on public servers to find Web pages. If private DNS servers cannot resolve a request to visit a site, the site might be labeled “unavailable,” while public DNS servers would try repeatedly to contact the site, Akamai said.

On Tuesday, public DNS name servers used by most end-users worldwide were able to find the Web sites that were under attack using DNS resolutions from Akamai, the company said.

Staff at Microsoft Corp. were aware of the service interruptions at Akamai but did not receive any registered reports of a direct customer impact from the attacks, according to a company spokesperson.

Word of a problem at leading sites circulated on the Internet in news groups and on IRC (Internet relay chat) channels Tuesday, as Web surfers received error messages when trying to reach google.com, yahoo.com and other sites.

An Akamai spokesman initially acknowledged that the company’s DNS service was under attack, but attributed the problem to a larger attack not limited to Akamai’s systems. Akamai, however, was unable to name other sites that were experiencing a problem and companies that monitor prominent Web sites said that they couldn’t find evidence of a widespread attack.

Akamai technical staff spent much of Tuesday analyzing the attack and concluded that it targeted specific Web sites that use Akamai’s DNS service, rather than the broader DNS infrastructure, spokesperson Jeff Young said Wednesday.

Related Download
A Guide to Print Security for Canadian Organizations Sponsor: HP
A Guide to Print Security for Canadian Organizations
IT security vulnerabilities are a growing cause for concern for organizations trying to protect their data from printer breaches.
Register Now