The web site is operated by Foundation Source, the nation’s largest foundation management firm that supports approximately 1,000 private foundations nationwide with assets ranging from US$250,000 to US$25 million. The DDoS attack, which started on a Friday night, spanned three days and impacted site functionality.
Foundation Source’s IT department identified malicious traffic and an unusually high number of active connections, indicating a DDoS attack. By Saturday, the attack had increased in size and intensity that internal IT resources could no longer mitigate it and Prolexic was brought in.
“Reliable site accessibility is critical to our business and our company’s reputation,” said Gerry Battista, vice president of Information Technology Operations at Foundation Source. “Prolexic’s responsiveness and depth of experience in mitigating DDoS attacks helped us minimize the impact of this large attack so we could continue to serve clients who manage their foundation accounts with us during the week.”
All traffic to www.foundationsource.com was routed through Prolexic’s cloud-based scrubbing centers where malicious traffic was captured and cleaned by applying custom blocking signatures. Legitimate client traffic was then routed back to the Foundation Source site. Even though Foundation Source was a new client with unfamiliar site traffic patterns, Prolexic’s time to mitigate was still just minutes after traffic began flowing through its cloud-based scrubbing centers.
“High requests-per-second GET Floods illustrate the evolution of DDoS and these attacks are being launched more frequently by hackers today,” said Neal Quinn, vice president of Operations at Prolexic. “By taking down log-in capabilities, GET Floods can significantly cripple a company’s online presence and firewalls simply cannot hold back the deluge of malicious traffic generated by these types of attacks.”
Prolexic believes the high requests-per-second GET Flood attack on Foundation Source indicates a new trend in DDoS attacks. According to data released in its quarterly 2011 Attack Report, Prolexic believes that attackers are trying new strategies aimed at overwhelming routers and network infrastructures. A copy of the Prolexic Attack Report can be downloaded from www.prolexic.com/attackreports.
Prolexic is the world’s largest, most trusted Distributed Denial of Service (DDoS) mitigation provider. Able to absorb the largest and most complex attacks ever launched, Prolexic restores mission critical Internet facing infrastructures for global enterprises and government agencies within minutes. Six of the world’s ten largest banks and the leading companies in e-Commerce, payment processing, travel/hospitality, gaming and other at risk industries rely on Prolexic to protect their businesses. Founded in 2003 as the world’s first “in the cloud” DDoS mitigation platform, Prolexic is headquartered in Hollywood, Florida and has scrubbing centers located in the Americas, Europe and Asia. For more information, visit www.prolexic.com.