Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Linode Resets Passwords as DDoS Attacks Continue

    By
    Sean Michael Kerner
    -
    January 6, 2016
    Share
    Facebook
    Twitter
    Linkedin
      Lincode breach

      Linode is having a rough start to 2016. The cloud hosting provider has been suffering from a series of distributed denial-of-service attacks that were first reported on Dec. 25, impacting multiple Linode data center locations, including Dallas; Atlanta; Newark, N.J.; Fremont, Calif.; Singapore; Frankfurt, Germany; and London. Adding to Linode’s woes, on Jan. 5, after an unauthorized access was discovered, the company informed its customers that they all need to reset their passwords.

      The Linode status page provides a running tally of the ongoing attacks and Linode’s attempts to mitigate to the issue. The company optimistically wrote on Dec. 26 that “the attacks have subsided for long enough that we believe this incident can be considered resolved.” Unfortunately for Linode and its customers, attacks have continued against various pieces of Linode’s global footprint.

      “Over the course of the last week, we have seen over 30 attacks of significant duration and impact,” Alex Forster, network engineer at Linode, wrote. “As we have found ways to mitigate these attacks, the vectors used inevitably change.”

      As Linode worked tirelessly to mitigate the DDoS attacks, it also discovered unauthorized access into three user accounts. A security investigation into the unauthorized access turned up another disturbing detail—that an external machine had a pair of Linode user credentials on it.

      “This implies user credentials could have been read from our database, either offline or on, at some point,” Linode warned in a status update. “The user table contains usernames, email addresses, securely hashed passwords and encrypted two-factor seeds.”

      To mitigate the risk of a user database breach, Linode is triggering a password reset for its users. At this point, Linode is not aware of any link between the potential user access breach and the ongoing DDoS attacks.

      “We have not been contacted by anyone taking accountability or making demands,” Linode stated. “The acts may be related and they may not be.”

      Security experts contacted by eWEEK had mixed views about the Linode security incident. Scott Petry, co-founder and CEO of Authentic8, said Linode has had security-related issues in the past.

      “They had a similar database breach in April of 2013 that forced a password reset for all their users,” Petry told eWEEK. “So I guess the thing that surprises me is that they’re still having these issues.”

      Justin Harvey, chief security officer at Fidelis Cybersecurity, is taking a positive spin on the incident, in terms of how Linode is communicating to its users about what is happening. “They [Linode] shared a lot of information and as an external observer, they’re doing all the right things: being upfront about the issues, exposing their thought process and offering up the plan,” Harvey told eWEEK. “This is a great example of how it should be done.”

      Linode Resets Passwords as DDoS Attacks Continue

      Jake Kouns, chief information security officer at Risk Based Security, echoed those positive sentiments, saying that it is good to see Linode providing information about the incident to its customers and that the company appears to be on top of issue. The Linode investigation found unauthorized log-ins of just three accounts, which could be the result of something as simple as Linode’s customers being phished for credentials, but it did lead to finding two credentials on some external machine, he added.

      “This makes it is seem quite small and contained on the surface,” Kouns told eWEEK. “However, if they have expired all customer passwords, then there is likely evidence of a larger compromise or they aren’t feeling 100 percent comfortable at this point and are taking the step as a precaution.”

      In terms of a possible link between the user access breach and the DDoS attacks, Kouns noted that sometimes a DDoS attack is just what it appears to be, an attempt to take a business offline. That said, in other cases, a DDoS attack can be a way to distract an organization’s IT security staff while some other sort of attack is launched, he said.

      While a DDoS attack could be used to distract an organization, Marcus Carey, CTO and founder of vThreat, said such an attack could also limit attacker access to systems they have already compromised. He added that most of the time attackers with access will keep it “low and slow” to avoid the type of attention DDoS attacks attract.

      “The more likely scenario is that the DDoS attacks have heightened Linode’s incident response senses, and they are leaving no stone unturned,” Carey told eWEEK. “As a result of the DDoS attacks, they’ll be actively looking for compromised accounts.”

      For Linode users, there are only a few steps that they can actually take. Kouns said Linode users will need to set a new password when they log in next.

      “Impacted users shouldn’t stop there however, and if they are reusing passwords against better judgment, they should also change the passwords at other services to something unique,” Kouns suggested.

      Carey, in turn, is advocating that Linode customers make use of the two-step authentication system that Linode has provided to its customers since 2013.

      “Since Linode said they securely hash passwords and encrypt two-factor seeds, it significantly raises the difficulty of cracking the passwords and the two-factor seeds,” he said. “Whether people use Linode or other services, they should be wise and set up two-step authentication when available.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×