Anonymous “security leader” claims responsibility for the attack
Thousands of web sites have been knocked offline after hosting service GoDaddy.com crashed, possibly as the result of a cyber attack.
GoDaddy is the world’s largest domain registrar and one of the biggest web hosting companies. Thousands of websites, including many online small and medium businesses, were knocked offline for around seven hours on Monday.
The company posted on its Twitter feed that most sites are now back online and that it is still investigating the cause of the downtime. The company also stressed that no customer data was compromised.
Its most recent Twitter update said: "Most customer hosted sites back online. We’re working out the last few kinks for our site & control centers. No customer data compromised."
A Twitter user calling himself @AnonymousOwn3r, who claims to be the "security leader" of hacking collective Anonymous, claimed responsibility for the attack. "Hello http://godaddy.com/ now yes! all servers #tangodown by@AnonymousOwn3r," he wrote.
"I’m taking GoDaddy down because well I’d like to test how the cyber security is safe and for more reasons that I can not talk now," he added in another tweet.
However other accounts affiliated with Anonymous claimed @AnonymousOwn3r had been acting alone. "Please redirect your godaddy hate to @AnonymousOwn3r says is the ‘leader’ of Anonymous. #derp Have #lulz with that," said a tweet from @YourAnonNews.
It is unclear at the moment how the sites were taken offline, or whether Anonymous was even involved. It GoDaddy was brought down by a cyber attack it is likely that it was via d DDoS – when hosting servers are flooded with so many requests they crash, taking websites offline.
It seems the attack was aimed at the DNS infrastructure. Chester Wisniewski of Sophos said attacks like this are "nothing new. It is possible for a relatively small number of hosts to perform a DNS reflection attack against poorly configured DNS hosts," he wrote.
"There are ways of mitigating DNS attacks, but we are still not sure that is what occurred here. It might be a good time to review your critical infrastructure and ask your service providers what capabilities they have to ensure your business stays online if you are targeted or have equipment failures," he added.
However this does seem an odd target for Anonymous, or people claiming to be affiliated with it, to attack. Its targets generally are government and law enforcement agencies or big multinational organisations. GoDaddy, while itself a big company, hosts websites for thousands of small businesses, which would have been negatively impacted by the takedown. That does nothing to help the 99% Anonymous claims to be fighting for.
GoDaddy’s support for anti piracy law SOPA is thought to be one reason behind the attack, even though the company reversed its position a while ago.