Feedly has said it will not pay a ransom demand despite facing down a distributed denial-of-service (DDoS) attack.
The social media and RSS website came under attack yesterday, and said in a blog that “criminals are attacking Feedly with a DDoS” who were “trying to extort us money to make it stop”. However it said that it “refused to give in and are working with our network providers to mitigate the attack as best as we can”.
The blog signed off by founder Edwin Khodabakchian, said: “We are working in parallel with other victims of the same group and with law enforcement. We want to apologise for the inconvenience. Please know that you data is safe and you will be able to re-access your Feedly as soon as the attack is neutralised.”
A later update said that it had “neutralised DDoS attack that began at 2:04am PST last night”, and its “ops team is closely monitoring the situation in case the attacks resume”. Evernote also faced a similar attack, but was successful in mitigating the threat too.
Trey Ford, global security strategist at Rapid7, said: “Feedly and Evernote are doing things right. Companies should take note of the positive user responses to their honest and upfront communications. From the outside, it appears that Evernote and Feedly are handling these events effectively and professionally.”
Kevin Linsell, head of service development at Adapt, said that the attacks have again highlighted the need for progressive companies to protect their systems and services from DDoS attaks. “Organisations need to put a protection strategy in place to mitigate risk; this could involve signature analysis and dynamic profiling to identify and classify malicious activity,” he said.
“Organisations also need to take the time to understand their normal demand patterns, build a profile of their legitimate traffic, improve mitigation response times and effectiveness.”
Dr Guy Bunker, SVP Product and cyber security expert at Clearswift, said: “The problem with DDoS attacks is that malicious traffic is hard to spot, DDoS attacks are hard to shut down, they’re highly scalable and the attacker is difficult to locate. To help protect against DDoS attacks, it’s important to implement a third part DDoS protection service; monitor your network and work with your upstream provider to have them block unnecessary traffic where the Internet pipe is largest.
“With many DDoS attacks being implemented against specific cloud service providers, organisations need to ensure that should the service disappear (or be compromised) their critical information is not lost forever.”
Dave Larson, CTO of Corero Network Security, said: “The importance of having an additional layer of dedicated DDoS defence capabilities in place in addition to an effective DDoS response plan cannot be overstated.
“Once a DDoS attack has begun, it is often a scramble to try and mitigate the attack and get services online to minimise user disruption. Without a first line of defence in place, organisations will soon find that their websites or services could potentially be down for days, or even weeks, which will have a significant impact on the business.”
