NS1 is hit by prolonged attack causing disruption in the U.S, Europe and Asia
On Monday, hackers launched an attack against the prominent network provider NS1 which effected access to high-profile sites globally. The provider – who supply domain name servers was under constant threat throughout the day and only found respite at the end of Monday. Jonathan Lewis, vice-president of the company said in a statement, “We had performance degradation in several markets with the US and Europe seeing the greatest impact“.
The V-P could – or would not – name the attackers, only stating that it was “complex and evolving attack spanning a number of techniques“. NS1 is based in New York and serves heavy-traffic sites such as cartoon site XKCD and Yelp. Another customer of the company, Imgur reported problems for users in Europe – as did OneLogin, a secure ID management company.
The attack was launched around 10.45am (New York). This was a distributed denial-of-service (DDoS) in which the target system is literally overwhelmed by orchestrated hacker traffic (either manual, or using botnets) and is unable to function normally. The company said that by afternoon they had managed to stabilize the situation, and attained a defensive posture by making certain reconfigurations. Despite this mitigation, the attack continued, disrupting services into the evening.
Lewis said the onslaught was “one of the largest and most sophisticated we have ever observed,” with “many tens of millions of packets hammering our network every second, complex migration of traffic across the network, and a series of precise strategies for targeting our systems“. However, NS1 declined to put a figure on the number of attackers.
The motive for the attack is not clear. DDoS exploits of such a size are rare because of the coordination needed. And no group has yet taken credit – which is unusual. Watch this space.