Linode's crippling cyber-siege enters day four

And punters aren't happy about the downtime


Virtual server host Linode has been on and offline since Christmas Day as it weathers an ongoing denial-of-service attack. Four days in, its customers are getting grumpy.

Linode

Status page ... Linode still suffering days after attacks began

"We are currently aware of a DoS attack that is affecting the Linode Manager/Website and our Dallas datacenter. This post will be updated as soon as we have more information to provide," the biz said in the wee small hours of Christmas Day.

While billions settled in for the end-of-year festivities, floods of network traffic overwhelmed Linode's systems in Dallas, Texas, and took parts of its website down. By 3am on the 26th, the waves of packets seemed to be dying down, but then the attackers shifted their sights to the company's other data centers.

Later that day, Linode's data centers in Atlanta, Georgia, and Newark, New Jersey, took hits – as did the company's London hosting center. The assailants then started hammering the Dallas data center again, effectively knocking people's virtual servers offline.

Atlanta, Newark, and London were brought back online a day later, although the two US data centers, plus a third in Fremont, California, were soon floored again. Now it seems only the Dallas site is under attack, causing "degraded performance," according to Linode.

Punters have been venting about the situation, with the linuxadmin and webdev subreddits getting complaints. With little more than stock statements coming out of Linode, some users are threatening to move to rival services, such as Vultr and DigitalOcean.

A spokesperson for Linode was not available for comment. ®

Broader topics


Other stories you might like

  • Cloudflare says it thwarted record-breaking HTTPS DDoS flood
    26m requests a second? Not legit traffic, not even Bill Gates doing $1m giveaways could manage that

    Cloudflare said it this month staved off another record-breaking HTTPS-based distributed denial-of-service attack, this one significantly larger than the previous largest DDoS attack that occurred only two months ago.

    In April, the biz said it mitigated an HTTPS DDoS attack that reached a peak of 15.3 million requests-per-second (rps). The flood last week hit a peak of 26 million rps, with the target being the website of a company using Cloudflare's free plan, according to Omer Yoachimik, product manager at Cloudflare.

    Like the attack in April, the most recent one not only was unusual because of its size, but also because it involved using junk HTTPS requests to overwhelm a website, preventing it from servicing legit visitors and thus effectively falling off the 'net.

    Continue reading
  • Man gets two years in prison for selling 200,000 DDoS hits
    Over 2,000 customers with malice on their minds

    A 33-year-old Illinois man has been sentenced to two years in prison for running websites that paying customers used to launch more than 200,000 distributed denial-of-services (DDoS) attacks.

    A US California Central District jury found the Prairie State's Matthew Gatrel guilty of one count each of conspiracy to commit wire fraud, unauthorized impairment of a protected computer and conspiracy to commit unauthorized impairment of a protected computer. He was initially charged in 2018 after the Feds shut down 15 websites offering DDoS for hire.

    Gatrel, was convicted of owning and operating two websites – DownThem.org and AmpNode.com – that sold DDoS attacks. The FBI said that DownThem sold subscriptions that allowed the more than 2,000 customers to run the attacks while AmpNode provided customers with the server hosting. AmpNode spoofed servers that could be pre-configured with DDoS attack scripts and attack amplifiers to launch simultaneous attacks on victims.

    Continue reading
  • Teeth marks yield clue to widespread internet outage in Canada
    The chompers belonged to a beaver and offer a parable on the risks of a shared physical layer

    Here:s a novel cause for an internet outage: a beaver.

    This story comes from Canada, where CTV News Vancouver yesterday reported that Canadian power company BC Hydro investigated the cause of a June 7 outage that "left many residents of north-western British Columbia without internet, landline and cellular service for more than eight hours."

    That investigation found tooth marks at the base of a tree that fell across BC Hydro wires. Canadian mobile network operator shares the poles BC Hydro uses, so its optical fibre came down with the electrical wires.

    Continue reading
  • Cloudflare's outage was human error. There's a way to make tech divinely forgive
    Don't push me 'cos I'm close to the edge. And the edge is safer if you can take a step back

    Opinion Edge is terribly trendy. Move cloudy workloads as close to the user as possible, the thinking goes, and latency goes down, as do core network and data center pressures. It's true  – until the routing sleight-of-hand breaks that diverts user requests from the site they think they're getting to the copies in the edge server. 

    If that happens, everything goes dark – as it did last week at Cloudflare, edge lords of large chunks of web content. It deployed a Border Gateway Protocol policy update, which promptly took against a new fancy-pants matrix routing system designed to improve reliability. Yeah. They know. 

    It took some time to fix, too, because in the words of those in the know, engineers "walked over each other's changes" as fresh frantic patches overwrote slightly staler frantic patches, taking out the good they'd done. You'd have thought Cloudflare of all people would be able to handle concepts of dirty data and cache consistency, but hey. They know that too. 

    Continue reading
  • Malaysia-linked DragonForce hacktivists attack Indian targets
    Just what we needed: a threat to rival Anonymous

    A Malaysia-linked hacktivist group has attacked targets in India, seemingly in reprisal for a representative of the ruling Bharatiya Janata Party (BJP) making remarks felt to be insulting to the prophet Muhammad.

    The BJP has ties to the Hindu Nationalist movement that promotes the idea India should be an exclusively Hindu nation. During a late May debate about the status of a mosque in the Indian city of Varanasi – a holy city and pilgrimage site – BJP rep Nupur Sharma made inflammatory remarks about Islam that sparked controversy and violence in India.

    Continue reading
  • IT downtime not itself going down, power failures most common cause
    2022 in a nutshell: Missing SLAs, failing to meet customer expectations

    Infrastructure operators are struggling to reduce the rate of IT outages despite improving technology and strong investment in this area.

    The Uptime Institute's 2022 Outage Analysis Report says that progress toward reducing downtime has been mixed. Investment in cloud technologies and distributed resiliency has helped to reduce the impact of site-level failures, for example, but has also added complexity. A growing number of incidents are being attributed to network, software or systems issues because of this intricacy.

    The authors make it clear that critical IT systems are far more reliable than they once were, thanks to many decades of improvement. However, data covering 2021 and 2022 indicates that unscheduled downtime is continuing at a rate that is not significantly reduced from previous years.

    Continue reading

Biting the hand that feeds IT © 1998–2022