[ISN] Datacenter power outage and DDoS attack cripples VoIP vendor

From: InfoSec News <alerts_at_private>
Date: Fri, 19 Aug 2011 04:30:52 -0500 (CDT)
http://www.zdnet.com/blog/datacenter/datacenter-power-outage-and-ddos-attack-cripples-voip-vendor/974

[Pointed out in the comments is the nugget that Ooma had a very similar 
outage in 2009 and what steps they planned to mitigate a future outage 
from happening again. Oops...  - WK]


By David Chernicoff
Five Nines: The Next Gen Datacenter
ZDNet
August 18, 2011

How many cloud failures have to happen before consumers take notice?

Ooma, a VoIP provider had the dual inconveniences of what they described 
as a “rare” partial power failure at their unnamed datacenter provider 
and what appeared to be asimultaneous DDoS attack on their corporate 
website, which left their customers unable to use their service, or even 
check on the status of their accounts while Ooma rushed to recover from 
the problems.

The service was only down for three hours, starting at 5:40 AM Pacific 
Time, which means that the issue was resolved by the time West Coast 
customers got to their offices, but anyone further east would have found 
their business impacted by the outage. Given that Ooma’s primary 
marketing approach is for their free home phone service it is likely 
that their customers, who are home users, would have been somewhat in 
the dark about what was going on and tried to connect to the company 
website.  According to the Ooma corporate blog, it was the sudden rush 
of customers, that no longer had phone services, trying to access the 
corporate home page that caused what appeared to be a DDoS attack.

Of course, the explanation is of little value to customers who found 
themselves without service. This is true of any cloud-based outage; 
customers won’t care why it happened, they just don’t want it to happen 
again.  And it is the primary Achilles Heel of cloud based services; 
anything that can cause a service interruption eventually will, and it 
is next to impossible to prevent every potential failure.

[...]


___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Fri Aug 19 2011 - 02:30:52 PDT

This archive was generated by hypermail 2.2.0 : Fri Aug 19 2011 - 02:34:01 PDT