Go Daddy largely unavailable for over 4 hours – Hacker revenge or SNAFU?

Go Daddy logoGo Daddy, the largest internet domain registrar in the world, was largely offline today for more than four hours. In addition to being the largest supplier of domains, Go Daddy also services many of those domains with DNS, email and web hosting services, all of which were sporadically available.

Immediately the rumor mill kicked into high gear and people were speculating that Anonymous must be DDoSing the internet giant. Go Daddy has been a popular target for the “99%” since they publicly announced support for the Stop Online Piracy Act (SOPA) in late 2011.

While it isn’t known whether they were under attack or simply suffering from a hardware or software failure en masse, that didn’t stop a Twitter account from Brazil that is loosely affiliated with Anonymous from taking credit for the outage.

As Go Daddy has slowly been coming back online it is becoming clear that the failure is in their DNS infrastructure. Unfortunately for Go Daddy customers, most of them are using Go Daddy DNS, even if they host their websites and email servers elsewhere.

According to Wired, Go Daddy has migrated its DNS records to their chief competitor, VeriSign. I am not seeing any evidence of this at the moment, but different people are experiencing different results from around the world.

Unfortunately attacks on the DNS infrastructure are nothing new. It is possible for a relatively small number of hosts to perform a DNS reflection attack against poorly configured DNS hosts.

There are ways of mitigating DNS attacks, but we are still not sure that is what occurred here. It might be a good time to review your critical infrastructure and ask your service providers what capabilities they have to ensure your business stays online if you are targeted or have equipment failures.