Large-scale attacks knocked two prominent, web-based services offline late Tuesday, as cyber criminals attempted extort money from the owners of news aggregation site Feedly and the hosted productivity tool Evernote.
Feedly – a web site that pulls together news feeds from across the web – remained unreachable early Wednesday, while Evernote was back online. Both companies issued statements confirming that they were the victims of a massive distributed denial of service (DDoS) attack.
“We’re actively working to neutralize a denial of service attack. You may experience problems accessing your Evernote while we resolve this,” read a message sent from Evernote’s Twitter account Tuesday evening at around 8:00 PM Eastern Time.
And, around 5:00 AM Eastern on Wednesday, Feedly posted a blog entry that reads:
“Criminals are attacking feedly (sp) with a distributed denial of service attack (DDoS). The attacker is trying to extort us money to make it stop. We refused to give in and are working with our network providers to mitigate the attack as best as we can.”
Denial of service attacks are an endemic problem online. The recent Verizon Data Breach Investigations Report (DBIR) notes an increase in both the number and size of DDoS attacks. In 2011, the DoS attack involved 4.7 Gbps of bandwidth with a 411 Kpps (kilo-packets per second) rate. In 2013 the average DoS attack measured 10.1 Gbps at close to 8.1 Mpps (mega-packets per second), Verizon reported. Arbor Networks’ Worldwide Infrastructure Security Report (SIR) )(PDF) recorded multiple instances of DDoS attacks that exceeded the 100 Gbps threshold.
Much of that change is due to a shift, by attackers, from using millions of low-end systems to carry out DDoS attacks to a smaller number of powerful web servers and online content management systems, which are capable of generating far more traffic as part of an attack. Attackers have also adopted new DDoS techniques, such as so-called “reflection” attacks that allow them to amplify their attacks.