Today at around 7:30 am Pacific Time, Codero, a website hosting provider was targeted by with Distributed Denial of Service (DDoS) attack that originated in China. This attack affected at least 5000 customers and 3 other web site hosting companies.
While this kind of attack is not new, nor is it excessively large when we are talking about a potentially state sponsored act of sabotage, it is a significant downside of the cloud computing. Why do we assert that this is a potentially state sponsored act? It turns our that the target of the attack was one of Codero’s customers whose web site is critical of communism, which of course is contrary to the Chinese government’s view.
The problem with cloud computing that this attack has painfully exposed is that customers share infrastructure of the hosting company. Even in the case of dedicated servers, as opposed to shared servers, the customers still share switches that get overloaded. In the case of the Codero outage, because the common switched were overloaded with 1.5 million packets per second of traffic, all the servers, including the dedicated one, behind them were cut off from the internet for several hours.
Thus, a savvy IT Manager has to always weigh the potential of shared infrastructure hosted elswhere being attacked because of other unrelated customers versus the his own ability to configure a secure and redundant host. For companies that run mission critical servers, it is always prudent to first make and then have independent consultants verify, a complete multi-site distributed IT redundancy plan. It is imperative in today’s ever more complex technology environment to take into account the degree to which the openness of the internet has penetrated and meshed with our internal IT operations.