Company hosting Joe Wilson fundraising site recovers from DDoS attack
Piryx CEO says attack was politically motivated
Computerworld - A company providing online payment-processing services for U.S. Rep. Joe Wilson (R-S.C.) is back online after being disrupted by a distributed denial-of-service attack over the weekend.
The attack on Piryx began Friday afternoon and lasted into the early hours of Saturday morning, temporarily disrupting a Wilson fundraising effort that was under way at that time, Piryx CEO Tom Serres said. It also knocked out services for about 150 other Piryx clients, he said.
Piryx is a nonpartisan Austin-based start-up that provides services to help political candidates and nonprofits manage online campaigns and fundraising.
Serres said the company was contacted by Wilson's office last week and asked to manage online donations from supporters rallying behind the congressman after he shouted "You lie!" during President Obama's address to Congress on health care reform Wednesday.
Hours after the company began hosting Wilson's home page on its servers, Piryx found itself the target of a distributed denial-of-service attack, Serres said. Such attacks are designed to render servers and networks inaccessible by flooding them with useless traffic.
The attacks appear to have been directed at the JoeWilsonforCongress.com site, Serres said. At the time the attacks started, the site was handling about 100 transactions per minute and had already collected more than $100,000 from people who wanted to contribute to Wilson's campaign, he said.
Initially, the traffic generated by the DDoS attack was manageable, but soon Piryx began noticing "massive bandwidth spikes" that knocked its servers offline, Serres said. The data center hosting Piryx's servers confirmed that it was the victim of a DDoS attack. At its peak, the DDoS flood generated about 1Gbit/sec. of traffic, which is about 1,000 times the normal traffic on Piryx, Serres said.
After several failed attempts at mitigating the attacks, filters were put in place to block the traffic early Saturday morning. Service has been normal since then, Serres said. It's not known from where the attacks originated, but he said it appears to have been initiated by those opposed to Wilson's comments. "It was clearly politically motivated to take down Wilson's ability to raise funds online," Serres noted.
The incident appears to be one of the rare instances of a politically motivated attack against a Web site in the U.S., said Kirsten Dennesen, an intelligence analyst with VeriSign's iDefense Labs. The attention attracted by Wilson's comments, especially through social media tools such as Facebook and Twitter, appears to have contributed to the attack, she said.
"One question is whether there are going to be any response attacks," she added.
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts