Incident Response, TDR, Threat Management

DoS attack takes down Hootsuite

A denial-of-service (DoS) attack launched Thursday morning against social media management platform Hootsuite, knocked the service offline temporarily.

Hootsuite CEO Ryan Holmes alerted users via email on Thursday evening of the incident, which occurred at about 6:45 a.m. PST.

“I'm writing today to let you know that the HootSuite Engineering and Security teams are working to mitigate the DoS attack,” Holmes wrote. “This interruption was the result of a malicious attempt by an outside party to flood our services in order to shut-down the system.”

Holmes added that no risks were posed to customer accounts or information. The company responded quickly to the threat and is working with hosting providers to block the malicious traffic and identify the source of the attack.

The incident comes on the heels of a recent distributed denial-of-service (DDoS) attack aimed at another company in the social tech space – Meetup. In this case, an unknown attacker attempted to extort the company, threatening to launch the DDoS attack if they didn't pay up.

Matthew Prince, CEO of CloudFlare, a San Francisco-based security and site performance service provider that helps mitigate these threats, believes a trend is forming when it comes to these incidents.

“What I think has happened recently is that there are one or more groups that are launching these extortion-based attacks,” Prince told SCMagazine.com on a call Thursday. “They're sending an email that says pay us some amount of money, a relatively trivial amount, or we'll launch an attack.”

While previous headline-grabbing assaults of this nature involved larger companies in the e-commerce space, Prince believes criminals are shifting their focus toward organizations that are well-known, but don't have the resources to handle these threats.

“That's the change in this type of attack M.O.,” he said. “That's been going on now for the last three months or so. You just have to have a larger network than the attacker in order to mitigate it.”

A majority of DoS and DDoS attacks are meant to flood a service's traffic so users can't access it, while others are used as diversion tactics so hackers can find a way into the service and tap into sensitive data.

However, attacks such as these can hurt a company's brand reputation, customer confidence, as well as garner some unwanted media attention, said Ashley Stephenson, CEO of Corero Network Security, a Hudson, Mass.-based security firm that specializes in DDoS mitigation.

“For an event of this type, which even though its duration was limited, there is a multi-day long tail of continuing undesirable impacts,” he said in a Friday email to SCMagazine.com.

Even if companies are armed with proper security tools, protocols, a competent technical team, and responsive upstream service providers, Prince thinks it may not be enough.

“All of those things are laid to waste because your pipes just fill up and you can't stay on top of the traffic,” he said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.