As you probably are aware, the sites on all data centers have experienced slowness and downtime for brief periods of time during the last 4 days. We want to apologize for any inconvenience this might have caused you, and offer you a detailed explanation on what happened and what measures we're taking to prevent this in the future.
Since Friday, August 1st, we were confronted with a series of DDoS attacks (Distributed Denial of Service) on our DNS servers that caused intermittent slowness and downtime for sites in all data centers. The DDoS attack was executed at UDP level against all our DNS servers and was initiated from thousands of IP addresses distributed around the world. Because of the multi-tenant architecture of Business Catalyst, the attack impacted all sites hosted on our data centers before being contained by our engineering team.
During and following the incidents, we have blocked most of the IPs addresses that were identified as being part of the attacks. Since we cannot assume that the attacks will stop, we have added additional protection mechanisms and increased our network capacity so that we can better cope with the attack.
Providing the highest quality of service to our customers is a serious priority, and we are taking steps in order to prevent such incidents in the future:
- Adding additional protection mechanisms to limit the impact of such large scale attacks in the future
- Upgrading internal infrastructure to increase the capacity of the data centers
- Deploying improved detection systems that automatically black list and block IPs identified as taking part into an attack
- Improving automatic filters for faster reaction times and reduced impact
We apologize for the inconvenience caused by these recent issues.
The Adobe Business Catalyst Team