A DDoS attack has taken out British domain registrar 123-reg. 123-reg, the biggest domain registrar in the United Kingdom, revealed that it had been the target of a distributed denial of service attack (DDoS) at 11 a.m. Wednesday morning. The company said the attack meant the site may have been inaccessible to customers and the surge of traffic could have prevented people from accessing 123-reg's status page.
"Generally our status page is updated with information of any work that is on-going, however in a DDoS situation like this customers may not be able to get to that page," the company said in a statement. "Our first port of call is to update our phone status message, Tweet and post on FaceBook, which we did. During this period of time we had an influx of calls coming through to us where our phone system and team were able to inform customers of the current status."
Despite customers possibly remaining out of the loop, it sounds like 123-reg got things under control pretty quickly.
"Being the largest domain provider we are a prime target for this type of activity, and we know this type of activity is on the increase – particularly in Europe – as recent press coverage has shown," the company explained. "With that in mind, 123-reg takes the protection and monitoring of our core infrastructure very seriously. To support that we have built in redundancy within the core network and a team in place to support this. Through that team we were able to quickly respond and start making changes immediately."
Though the statement now available on 123-reg's website mentions nothing about the people responsible for the attack and where it may have originated from, it seems an early statement from the company indicated that the DDoS came from China. The Register reports that 123-reg's site had the following statement live on its site for a short while:
From 11:30 to 22:50 our network was undergoing a massive distributed denial of service attack from China. Due to the nature and size of this attack the firewall systems in place needed to be reconfigured to block the bad traffic and allow the good traffic through.
This statement no longer appears on 123-reg's website and the company has yet to elaborate on the mention of China, or explain why the statement was removed. We'll keep you posted!
They are one of the worst registrars out there stealing domains and blackmailing users by taking domains hostage.
This comment just seems to be in denial. China refers the mainland and a few periphery islands known as the PRC. We all know this.
1) Chinese gov't sponsored DDoS
2) DDoS originating from computers located in China geographically, and conducted by private Chinese individuals and/or businesses
3) DDoS originating from computers located in China, but only because they are infected with botnet software (being pirated copies of Windows, this is a distinct possibility), and orchestrated by individuals and/or entities located elsewhere.
Those are three very different interpretations of "China", with radically different political and social implications.