Yesterday we reported that Wikileaks‘ web site suffered a denial of service (DOS) attack just before the publication of its most recent cache of documents. The site was down for only a few hours, according to Forbes’ Andy Greenberg.
Today, The Guardian reports that Wikileaks turned to Amazon.com’s Elastic Cloud Computing (EC2) service to get back online and survive the DOS attack.
Sponsor
There are various ways to conduct a DOS attack, but most methods work by placing an enormous burden on a server. For example, one might make a huge number of frivolous requests for pages of a web site until the server is overloaded.
Wikileaks originally claimed it was receiving a distributed DOS attack. A self-described “hacktivist” using the name th3j35t3r took credit for the attack, and claims it was not a distributed DOS attack.
The Guardian says that the EC2 pricing model makes the service less vulnerable to DOS attacks. However, last year a DDOS attack brought down the EC2 hosted site Bitbucket. That incident led to some to caution against using cloud hosting for mission critical services. However, it could be that EC2 has improved its defenses against DOS attacks. A highly scalable infrastructure would certainly help, as would hosting content on multiple providers.
Update: George Reese of the cloud security company Enstratus tells us that the attack on BitBucket was very different from the attack on Wikileaks. The BitBucket attack was targeted a vulnerability specific to EC2 that Amazon.com claims to have fixed. The WikiLeaks attack was a generic DOS attack from outside the network. The BitBucket attack actually targeted internal IO resources.
According to the Guardian, not all of Amazon.com’s servers are hosted in the US and “it could cause a major incident if the US government were to take action against a company on the basis that it might be hosting material the government finds embarrassing.” It may be unlikely that the US government would take action against Amazon.com, but it is possible that Amazon.com would decide to remove Wikileaks on its own.
However, the latest cache of documents are not hosted on the same servers as the rest of the Wikileaks site. cablegate.wikileaks.org is hosted by a French company called Octopuce.
0 Responses
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.