Hosting and managed cloud provider Rackspace has been taken offline for more than 12 hours by a massive DDoS attack.
Rackspace posted a warning on its official Google+ page stating: “On December 21st, at approximately 23:54 CST, backbone engineers identified a UDP DDoS attack targeting the DNS servers in our IAD, ORD, and LON data centers. As a result of this issue, authoritative DNS resolution for any new request to the DNS servers began to fail in the affected data centres....a portion of legitimate traffic to our DNS infrastructure may be inadvertently blocked. Our teams are actively working to mitigate the attack and provide service stability.”
The company has not disclosed who they believe may be behind the malicious attack, which lasted for more than 12 hours. After deploying mitigation services, however, Rackspace has managed to “fully resolve the impact to our DNS infrastructure...at 12:15CST”, and has blacklisted DNS servers that were “sending both legitimate and DDoS traffic to Rackspace” although customers may not be entirely safe yet, as The Register reports.
“Users may not be entirely out of the woods, as its most recent update says, 'If you continue to experience adverse impact, please reach out to your support teams and provide trace route information for further investigations.'”
In spite of the full disclosure and rapid response public reaction has been mixed as TechWeekEurope reports, with comments on the incident ranging from “it is an utter shambles” to “it can be tough to discriminate between legitimate and nefarious traffic coming from the same IP...”
Rackspace provides enterprise-level hosting to more than 205,000 customers on four continents and has won a string of awards.