informa
/
Risk
Quick Hits

Denial-of-Rockies-Tickets Attack

Ticket-sales system unable to thwart DDOS attack, leaving many Colorado Rockies fans empty-handed

Nasty hackers or just greedy ticket brokers? Either way, it's a moot point now: The Colorado Rockies sold out its World Series tickets yesterday when the team's online ticket-sales system was restored after a distributed denial-of-service attack (DDOS) caused a server outage on its Website on Monday.

The outage occurred as a result of some 8.5 million visits to the Rockies' Website within 90 minutes, which was more than enough to bring down servers at Rockies' ticket-sales system provider Paciolan. Bob Bowman, CEO of MLB.com, said yesterday in published reports that the attacking computers were blocked from purchasing tickets, but they continued to try to connect to the site, which eventually knocked it offline. His guess is it could have been ticket brokers.

Whether the DDOS was malicious or inadvertent, the outcome was the same. "Most DDOS attacks appear to be just customers" coming to the site, says Richard Stiennon, chief marketing officer at Fortinet. "They were unprepared for the onslaught... of getting all of those transactions at once."

The Rockies, which will face the Boston Red Sox tonight in Game 1 of the Colorado club's first-ever World Series, had decided to open up ticket sales worldwide with online sales. The club sold over 50,0000 tickets in about two and a half hours after the site went back online yesterday, according to published reports. About 80 percent of the transactions were made by buyers with Colorado zip codes.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • Fortinet Inc.
  • Recommended Reading:
    Editors' Choice
    Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
    Joshua Goldfarb, Director of Product Management at F5