Linode, one of the world's top providers of virtual private servers (VPS), battled with a DDoS attack over the weekend that targeted its Atlanta data center and which the company has described as "catastrophic."
The attack started on Saturday, September 3, around 21:00 UTC, and got the Linode team scrambling for answers.
Three and a half hours later, Linode engineers were informing customers of "experiencing a catastrophic DDoS attack which is being spread across hundreds of different IP addresses in rapid succession, making mitigation extremely difficult."
During all this time, connectivity to the service was down, affecting Linode customers such as Clojars , a repository of open source Clojure libraries that relies on the Linode infrastructure.
The attack started subsiding by Monday, September 5, around 21:30 UTC. The attack's start and end date were perfectly timed to fit the US Labor Day extended holiday weekend.
It's likely that attackers hoped the take advantage of the smaller number of Linode personnel on hand to respond to the attack in order to penetrate the company's network, or launch other secondary attacks harder to mitigate with fewer employees around.
This is not the first time Linode suffered a "catastrophic" DDoS attack that ended in a security breach. From Christmas 2015 to early January 2016, the company had to deal with a two-week-long DDoS attack , at the end of which customers reported unauthorized logins to their accounts. Linode reset account passwords after discovering the intrusions.
Someone is not having a good weekend: https://t.co/7jaTQSez3J - These @linode guys need a break. ― Daniel Cid (@danielcid) September 4, 2016
Now seriously, whats the real deal behind so many DDoS attacks to linode? ― Daniel Sovino (@dsovino) September 4, 2016
Hey, @Linode , can't you get @realDonaldTrump to build a great, big firewall around your Atlanta datacenter? #DDoS #again ― Maarten Schenk (@mschenk) September 4, 2016
Another Linode outage caused by DDoS. Second in the past year, it's getting old. ― Joe Brockmeier (@jzb) September 4, 2016
@linode Maybe the ddos is caused by too many people simultaneously opening up tickets? ― jason pearl (@jsonperl) September 3, 2016
Now being called "a catastrophic DDoS attack" at #linode #Atlanta Data Center. Going on almost 5 hours now. pic.twitter.com/4AWufXmkkw ― John Birchman (@johnbirchman) September 4, 2016Linode is under attack! #DDoS
I repeat, @linode is under attack. Oh wait, stabilized now: https://t.co/25Uxbof5bo pic.twitter.com/bHBRIMXLd5― Shreyas Narayanan (@dun3buggi3) September 4, 2016