Like many people I make use of virtual servers from a major domain provider. It’s so easy to provision a server, setup a new domain name and add email addresses. The cloud is truly easy and low cost for a small business, but there is a catch. One that hit me this week.
I use godaddy.com as my provider, and this week they were hit by a denial of server (DDOS) attack.
It seems some would-be anarchist thought that taking down a lot of websites would either be fun or would make a point. Well I have no idea what point they were trying to make, but it was truly annoying.
It seems that even a single spotty teenager can take down a huge cloud with a few zombie machines.
It seems that to keep the cost of the cloud down and to make it easy to use, they skimped on security.
What did bring a little light into a dark situation was that they definetly use their own servers for their help desk. I called the helpdesk number when I noticed the servers were down and what I heard at the other end was frankly excellent.
Rather than the ususal “Welcome to Godaddy’s help desk queue. Your business is important to us, so we will make you listen to this message for a while etc..” what I got was “w,w,w,w,w,w,w,w go, go, go, go godaddy go, go go, welc, welc, welc” it was like a blast from the past. I thought I may have reached either max headroom or possibly the HAL 9000 just after Dave had removed those circuit boards.
I didn’t get to speak to a help desk agent, but while waiting I picked up the story online from a dozen sources, so knew what was going on.
The systems were down for several hours. I hear it may have been ALL their clients who were down.
Here’s hoping cloud technology implementations get better, there is no way that large cloud vendors can survive longterm if they don’t work out how to move beyond this (low) level if risk.