Attack was targeted, says Akamai

Akamai Technologies said that it was the victim of a sophisticated, large-scale attack aimed at specific customer websites.

Akamai Technologies has said that it was the victim of a sophisticated, large-scale attack aimed at specific customer websites.

The company backed away from earlier statements that it was caught up in a broad attack on the internet infrastructure, and said that the company's DNS (domain name system) service was attacked for two hours, affecting about 4% of its customers.

Akamai is working with US federal law enforcement to investigate the attack.

Monitoring systems at the company quickly detected the attack and the company's staff worked with customers and network providers to shut off the source of the attack.

Web monitoring firm Keynote Systems estimated that access to some sites was diminished by as much as 80% during the attack.

Less than 1% of Akamai customers experienced disruptions affecting more than 20% of their users, Akamai said.

Monitoring services often use private DNS servers to check website availability, while most internet users rely on public servers to find web pages. If private DNS servers cannot resolve a request to visit a site, the site might be labelled "unavailable", while public DNS servers would try repeatedly to contact the site, Akamai said.

Public DNS name servers used by most end-users worldwide were able to find the websites that were under attack using DNS resolutions from Akamai.

Staff at Microsoft were aware of the service interruptions at Akamai but did not receive any registered reports of a direct customer impact from the attacks, according to a company spokeswoman.

Word of a problem at leading sites circulated on the internet in news groups and on IRC (internet relay chat) channels, as web surfers received error messages when trying to reach, and other sites.

An Akamai spokesman initially acknowledged that the company's DNS service was under attack, but attributed the problem to a larger attack not limited to Akamai's systems. Akamai, however, was unable to name other sites that were experiencing a problem and companies that monitor prominent websites said that they could not find evidence of a widespread attack.

Akamai technical staff have analysed the attack and concluded that it targeted specific websites that use Akamai's DNS service, rather than the broader DNS infrastructure.

Paul Roberts writes for IDG News Service

Read more on IT risk management