Go Daddy’s outage last night was caused by an internal cock-up and not an attack.
The official line is that the downtime, which many reports had attributed to an Anonymous attack, was actually caused by “a series of internal network events that corrupted router data tables”.
The company, whose customers suffered from four to six hours of downtime yesterday, just issued the following statement:
Go Daddy Site Outage Investigation Completed
Yesterday, GoDaddy.com and many of our customers experienced intermittent service outages starting shortly after 10 a.m. PDT. Service was fully restored by 4 p.m. PDT.
The service outage was not caused by external influences. It was not a “hack” and it was not a denial of service attack (DDoS). We have determined the service outage was due to a series of internal network events that corrupted router data tables. Once the issues were identified, we took corrective actions to restore services for our customers and GoDaddy.com. We have implemented measures to prevent this from occurring again.
At no time was any customer data at risk or were any of our systems compromised.
Throughout our history, we have provided 99.999% uptime in our DNS infrastructure. This is the level our customers expect from us and the level we expect of ourselves. We have let our customers down and we know it.
We take our business and our customers’ businesses very seriously. We apologize to our customers for these events and thank them for their patience.
– Scott Wagner
Go Daddy Interim CEO
I reported earlier today that the incident bore many of the hallmarks of a DDoS attack, but that’s clearly now proven to be incorrect.
Thousands — possibly millions — of Go Daddy customers suffered a four-hour outage last night, during a suspected distributed denial of service attack.
The company has not yet revealed the cause of the downtime, which started at 1725 UTC last night, but it bears many of the signs of DDoS against the company’s DNS servers.
During the incident, godaddy.com was inaccessible. DI hosts with Go Daddy; domainincite.com and secureserver.net, the domain Go Daddy uses to provide its email services, were both down.
The company issued the following statement:
At 10:25 am PT, GoDaddy.com and associated customer services experienced intermittent outages. Services began to be restored for the bulk of affected customers at 2:43 pm PT. At no time was any sensitive customer information, such as credit card data, passwords or names and addresses, compromised. We will provide an additional update within the next 24 hours. We want to thank our customers for their patience and support.
Several Go Daddy sites I checked remained accessible from some parts of the world initially, only to disappear later.
Others reported that they were able to load their Go Daddy webmail, but that no new emails were getting through.
This all points to a problem with Go Daddy’s DNS, rather than with its hosting infrastructure. People able to view affected sites were likely using cached copies of DNS records.
Close to 34 million domains use domaincontrol.com, Go Daddy’s primary name server, for their DNS. The company says it has over 10 million customers.
Reportedly, Go Daddy started using Verisign’s DNS for its home page during the event, which would also point to a DNS-based attack.
The outage was so widespread that the words “GoDaddy” and “DNS” quickly became trending topics on Twitter.
The web site downforeveryoneorjustme.com, which does not use Go Daddy, also went down as thousands of people rushed to check whether their web sites were affected.
Some outlets reported that Anonymous, the hacker group, had claimed credit for the attack via an anonymous (small a) Twitter account.
Companies the size of Go Daddy experience DDoS attacks on a daily basis, and they build their infrastructure with sufficient safeguards and redundancies to handle the extra traffic.
This leads me to believe that either yesterday’s attack was either especially enormous, or that somebody screwed up.
The fact that the company has not yet confirmed that external malicious forces were at work is worrying.
Either way it’s embarrassing for Go Daddy, which is applying for three new gTLDs which it plans to self-host.
Several reports have already speculated that the attack could be revenge for one or more of Go Daddy’s recent PR screw-ups.
The company has promised an update later today.
Top-ten registrar KeyDrive has delivered on a major piece of integration work following the merger of Key-Systems and NameDrive last year.
Key-Systems today announced that its RRPproxy reseller platform now has API commands that enable its resellers — and in turn their registrants — to easily park domains with NameDrive.
The new commands allow entire domain portfolios to be parked in bulk, according to the company.
Key-Systems and NameDrive formed KeyDrive in July 2011. The company also acquired Moniker and SnapNames earlier this year.
Former new gTLD applicants are having to wait for months to have their deposits refunded by ICANN, according to two companies that withdrew applications before Reveal Day.
One company withdrew four applications and requested a refund on May 7, some weeks before the TLD Application System closed to new applicants, according to the consultancy Sedari.
But the company, a Sedari client, is still waiting for the return of its $20,000 TAS access fee over four months later, according to Sedari.
Another applicant, GJB Partners, filed a complaint with the California Attorney General in July after waiting for over a month for the refund of a $185,000 application fee.
According to the complaint, the application was withdrawn June 6, a week before Reveal Day, after the company had TAS password problems and suspected foul play.
The company eventually received its refund July 11, shortly after filing the AG complaint.
Sedari’s client has yet to received its refunds, according to the company.
Are any other readers experiencing similar problems?
The Universal Postal Union, newly installed .post registry manager, has launched a withering attack on ICANN for protecting some intergovernmental organizations and not others.
Its salvo follows the release of briefing materials — previously redacted — that ICANN’s board was given when it approved the new gTLD program at the Singapore meeting in June 2011.
The UPU says that the documents show that ICANN engaged in “ex post facto attempts at justifying legally-flawed decisions” when it decided to give extra protection to the Olympics and Red Cross/Red Crescent movements.
As you may recall, these protections were granted by the ICANN board when the program was approved, following lobbying of the Governmental Advisory Committee by both organizations.
In the current round, nobody was allowed to apply for gTLDs such as .redcross or .olympic, or translations in dozens of languages. There are also ongoing talks about extending this protection to the second level.
Some have argued that this would lead to a “slippery slope” that would resurrect the problematic Globally Protected Marks List, something ICANN and the GAC have denied.
They have maintained that the IOC/RC/RC movements are unique — their marks are protected by international treaty and many national laws — and no other groups qualify.
Other IGOs disagree.
Almost 40 IGOs, including the United Nations and International Telecommunications Union, are lobbying for an additional 1,108 strings to be given the same protection as the Olympics.
If they get what they want, four applied-for gTLDs could be rejected outright and dozens of others would be put at risk of failing string similarity reviews.
According to the UPU’s latest letter, ICANN’s newly disclosed rationale for giving only the IOC/RC/RC organizations special privileges was based on a flawed legal analysis:
most of the recommendations contained in documents such as the Unredacted Paper seem to reflect, in an unambiguous way, ex post facto attempts at justifying legally-flawed decisions in order to narrow even further the necessary eligibility “criteria” for protection of certain strings, apparently so that only two organizations would merit receiving such safeguards under the new gTLD process.
In other words, according to the UPU and others, ICANN found itself in a position in June 2011 where it had to throw the GAC a few bones in order to push the new gTLD program out of the door, so it tried to grant the IOC/RC/RC protections in such a way that the floodgates were not opened to other organizations.
It’s worth noting that the Applicant Guidebook already gives IGOs the explicit right to file Legal Rights Objections against new gTLD applications, even if they don’t have trademark protection.