Microsoft Suffers Another DoS Attack

A Web Exclusive from WinInfo
Paul Thurrott
WinInfo
InstantDoc #19770
WinInfo

Late Friday, Microsoft confirmed that the company had suffered its second Denial of Service (DoS) attack in as many days, resulting in more downtime for its Web presence. The company reported that customers experienced delays accessing Microsoft's Web properties for two 15-minute periods earlier that day, but users I've spoken with say the downtime was worse than that. (Microsoft notes that the attacks--the first one, which occurred Thursday, was responsible for many hours of downtime--were similar.)

"Microsoft accepts full responsibility for the inconvenience our customers have experienced during the past couple of days," the company said in a statement. "We regret the inconvenience this attack has caused. Microsoft took immediate action to deal with the attack and restore normal operations. All sites were up and running normally by 12:30 P.M. Pacific time [Friday]."

Concurring with security analysts who've complained that Microsoft's unsophisticated network design made it particularly vulnerable to such attacks, the company admitted that it had learned some painful lessons. "We've already taken steps to change the architecture of our network infrastructure to improve its reliability and availability," Microsoft noted. "We will continue to examine our infrastructure architecture and processes to further safeguard our network resources and provide a great experience for our customers." Microsoft enlisted the Federal Bureau of Investigation (FBI) to help ascertain who was responsible for the attacks and hired Internet content-delivery company Akamai Technology to ensure that such attacks won't succeed in the future. Akamai maintains a wide range of geographically separated DNS servers, which let Internet machines resolve host names, such as www.microsoft.com, into numeric IP addresses. All of Microsoft's DNS servers are in the same location and thus can be easily attacked.

A permanent solution to the DoS problem and related attacks, however, is still years away. Speaking at the annual World Economic Forum in Switzerland last week, Microsoft executive Craig Mundie said that it might be a decade before the Internet can be rearchitected to protect sites from outages. "I personally believe it's going to take 5 to 10 years before changes in the Internet infrastructure [that will protect Web sites] permeate the Internet," Mundie said. Mundie, whom Microsoft describes as an "expert in Internet-scale platform architectures and infrastructure protection," said that his company "is an obvious target" for hackers.

End of Article

A little cognitive dissonance for breakfast:
<br><br>
"Concurring with security analysts who've complained that Microsoft's unsophisticated network design made it particularly vulnerable to such attacks...All of Microsoft's DNS servers are in the same location and thus can be easily attacked."
<br><br>
[Microsoft executive Craig] Mundie, whom Microsoft describes as an "expert in Internet-scale platform architectures and infrastructure protection,"

Dave Howard January 31, 2001

You must be a registered user or online subscriber to comment on this article. Please log on before posting a comment. Are you a new visitor? Register now