Tuesday, February 1, 2011
Arbor Networks targeted after DDoS report
Arbor Networks has sent over the following statement / Q&A:
Q: What is going on with arbornetworks.com?
A: We are experiencing intermittent outages of our Website and are working with our upstream provider to address the issue.
Q: Is Arbor under a DDoS attack?
A: As a security vendor, Arbor is constantly the target of attacks and attack threats. It is part of doing business in this space.
Q: Anonymous is taking credit, is that true?
A: We are not going to comment on any group’s claims, nor are we going to comment on what we are doing to resolve this or any other Website outages.
[Note: The questions and answers were emailed to TTH by Arbor Networks. They are not our own.]
Arbor Networks was made an official target of Operation Payback for a short time earlier this afternoon. The Distributed Denial-of-Service (DDoS) campaign started after some of the individuals gathered online noticed Arbor Networks' commentary on Operation Payback’s recent DDoS actions, including a comment that they were small and unsophisticated.
Global messages sent to users on the AnonOps IRC network said that Arbor Networks insulted them “...by saying a number of things. It is your job to show them we are sophisticated and organized.”
The insult appeared in a blog post by Craig Labovitz, the chief security scientist with Arbor Networks. The post, titled “The Internet Goes to War”, said that the recent actions taken by Operation Payback, such as the DDoS attacks on MasterCard, Post Finance, Visa, and PayPal were both “relatively small and unsophisticated”.
“In short, other than [the] intense media scrutiny, the attacks were unremarkable… While the last round of attacks lead to brief outages, most of the carriers and hosting providers were able to quickly filter the attack traffic,” Labovitz said.
“In addition, these attacks mostly targeted web pages or lightly read blogs — not the far more critical back-end infrastructure servicing commercial transactions. By the end of the week, Anonymous followers had mostly abandoned their attack plans as ineffective.”
The Tech Herald has been online speaking with, and observing those Anons who are loosely associated with Operation Payback, for some time. The halt in DDoS operations was not due to a perceived failure. They stopped mostly because many of them felt that the point had been made. Others moved on to things such as Operation Leakspin.
This afternoon, as word of the Arbor Networks’ blog post filtered out, links to The Register started to spread in the IRC chatrooms. This led to calls for manual DDoS targeting. Soon after that, what started as a manual and unofficial DDoS campaign on www.arbornetworks.com, was quickly picked up by others. At 13:40 EST they were named an official target.
In true Anonymous fashion, some immediately followed the fold and targeted Arbor Networks, while others questioned the logic of such a response. Many viewed Labovitz’s comments as a calling out of sorts, so a response was needed. Think of it as a “this is what you get” type of DDoS.
Others took his comments at face value, and saw no reason for a response at all.
We spoke to a few people who refrained from participating in the Arbor Networks DDoS. Their reasons were that such an attack denies people access to the blog post, and as such removed Arbor Networks’ freedom of speech. The exact thing that Operation Payback was defending last week.
The targeting lasted about an hour. During that time Arbor Networks’ domain was reduced to a crawl or down completely. As we post this, the domain remains offline.
Online, one Anon reminded the others that they needed to remember the whole point of Operation Payback.
“Things like this [DDoS attacks] cause little harm and get publicity. Publicity grows the ranks. Arbor Networks simply said we're powerless. We simply demonstrated that they're wrong. It's a statement and it’s the sentiment that counts. No harm will be caused.”
Another remarked that the DDoS was a good test against Arbor Networks anti-DDoS software. "...their DDoS prevention failed, and their statement has been discredited."
We’ve reached out to Arbor Networks for comment, but calls were not returned by the time this went to press. As more information becomes available, we will update this post.