Microsoft has announced that it was the victim of two denial of
service attacks on consecutive days last week causing disruption to
its web site access. The company said the attacks were unrelated to
problems earlier the same week that disabled its network of sites
for 24 hours.
Denial of service attacks are a form of cyber-vandalism, committed
by individuals who flood a web server with false and untraceable
requests for information, overwhelming the system and ultimately
crashing it. Other major web sites including Amazon.com, eBay and
Yahoo! have also been hit by such attacks in the past causing
disruption to their businesses.
The Microsoft attacks happened on Thursday and Friday of last
week. In a statement issued following Thursday’s attack, the
company said it had notified the FBI. Following Friday’s attack,
Rick Devenuti, Vice President and Chief Information Officer of
Microsoft added:
“Microsoft accepts full responsibility for
the inconvenience that our customers have experienced over the past
couple of days… Unfortunately, as we have learned over the last few
days, we did not apply sufficient self-defence techniques to our
use of some third-party products at the front-end of parts of our
core network infrastructure.
“Through the painful lessons we've learned
this week, we've already taken steps to change the architecture of
our network infrastructure to improve its reliability and
availability for customers.”
Some experts say that Microsoft left itself wide open to attack
due to the configuration of its DNS (Domain Name System) servers.
DNS is responsible for translating cryptic IP (Internet Protocol)
addresses into more easily remembered domain names and vice versa,
routing mail to its proper destinations and other fundamental
internet services.
A survey run last week by a DNS consultancy, Men & Mice,
shows that approximately 38% of .com domains have the same DNS
configuration problem that allowed some of Microsoft's most popular
web sites to crash for over 24 hours and made it vulnerable to the
denial of service attacks.
The survey was carried out on a random sample of almost 4,910
active .com web sites. It showed that 38% of the domains are
running all of their DNS Server on the same network segment and
thus creating a single point of failure with regard to DNS.
Director of Surveys at Men and Mice, Sjofn Agustsdottir, said
that "It is clear that a stunning number of companies have serious
DNS configuration problems which can lead to failure at any time. A
single point of failure can go undetected for months which is
simply a disaster waiting to happen."
