INCIDENT REPORT – DDoS Outage 7/14/12 – 7/16/12
Incident: Distributed Denial of Service (DDoS) - Advanced Persistent Threat
Date/Time: Approximately Noon CST 7/14/12 to Approximately 11:45am CST 7/16/12
Date of Report: 7/30/12
INCIDENT DESCRIPTION
Approximately Noon CST Saturday, July 14, 2012, the network came under attack by a new type of DDoS (Distributed Denial of Service) known as an Advanced Persistent Threat. An Advanced Persistent Threat is a mixture of different UDP and TCP SYN flood attacks dynamically targeting multiple IP addresses.

CAUSE
A targeted attack of inbound DDoS saturated our IPS Network Security systems with over two million sustained packets per second resulting in massive packet loss.

SCOPE OF THE INCIDENT
The DDoS affected the entire data center network. It knocked out network service to most clients as well as internal email, phone systems and the company website. It affected all IP ranges in use by the company.
(Company name removed)
_________________ The greater danger for most of us lies not in setting our aim too high and falling short; but in setting our aim too low, and achieving our mark. - Michelangelo Buonarroti