A denial-of-service (DoS) attack launched Thursday morning against social media management platform Hootsuite, knocked the service offline temporarily.
Hootsuite CEO Ryan Holmes alerted users via email on Thursday evening of the incident, which occurred at about 6:45 a.m. PST.
“I'm writing today to let you know that the HootSuite Engineering and Security teams are working to mitigate the DoS attack,” Holmes wrote. “This interruption was the result of a malicious attempt by an outside party to flood our services in order to shut-down the system.”
Holmes added that no risks were posed to customer accounts or information. The company responded quickly to the threat and is working with hosting providers to block the malicious traffic and identify the source of the attack.
The incident comes on the heels of a recent distributed denial-of-service (DDoS) attack aimed at another company in the social tech space – Meetup. In this case, an unknown attacker attempted to extort the company, threatening to launch the DDoS attack if they didn't pay up.
Matthew Prince, CEO of CloudFlare, a San Francisco-based security and site performance service provider that helps mitigate these threats, believes a trend is forming when it comes to these incidents.
“What I think has happened recently is that there are one or more groups that are launching these extortion-based attacks,” Prince told SCMagazine.com on a call Thursday. “They're sending an email that says pay us some amount of money, a relatively trivial amount, or we'll launch an attack.”
While previous headline-grabbing assaults of this nature involved larger companies in the e-commerce space, Prince believes criminals are shifting their focus toward organizations that are well-known, but don't have the resources to handle these threats.
“That's the change in this type of attack M.O.,” he said. “That's been going on now for the last three months or so. You just have to have a larger network than the attacker in order to mitigate it.”