December 29, 2009, 12:00 AM

E-retailers can avoid the Internet attacks Amazon.com experienced

The world’s largest e-retailer may not be immune to hackers but some smaller e-retailers were able to avoid the disruptions that Amazon.com ran into last week when its domain name system operator, Neustar Inc., was hit with a denial of service attack.

Zak Stambor

Managing Editor

 

The world’s largest e-retailer may not be immune to hackers but some smaller e-retailers were able to avoid the disruptions that Amazon.com ran into last week when its domain name system operator, Neustar Inc., was hit with a denial of service attack.

 

The attack affected Amazon.com Inc. consumers in northern California by denying them access to web sites that use the UltraDNS domain name system operated by Neustar, says Amazon, No. 1 in the Internet Retailer Top 500 Guide (a PDF version of the company’s financial and operating profile can be ordered by clicking on its name). The attack took down Amazon’s S3 Simple Storage Server and Amazon’s EC2 Elastic Compute Cloud service, which provides Internet-based computing services, as well as Amazon.com.

 

However, electronics e-retailer Newegg.com says it was able to shift traffic away from Neustar and minimize the impact.

 

“Our systems actually handled the issue extremely well and we are happy to say we were well prepared. We were able to shift traffic and minimize the impact. We estimate the site was affected for less than five minutes and the issue had no global effect on our platform,” says Bernard Luthi, vice president of marketing and merchandising at Amazon, No. 9 in the Internet Retailer Top 500 Guide.

 

Netflix also says it experienced “minimal, if any disruptions” but didn’t provide more details.

 

In a distributed denial of service attack, such as the one domain name system operator Neustar experienced last week, computer network hackers send numerous requests to connect to web systems, overloading the system and causing it to perform slowly or become unresponsive, says Marc Appana, senior consultant at retail consultancy Fit For Commerce.

 

E-retailers can mitigate risks of such attacks by using several domain name service providers, he says. However, many web sites use a single provider, which supplies multiple domain name servers for general requests. If those domain name servers are tied to the same provider, retailers can’t reroute or mitigate the problem themselves. That’s why e-retailers that can afford it, or have the expertise, should use services from several providers, including a few connected to a different root server than their primary domain name service provider, says Appana.

 

“A reliable solution is to have a secondary, hot, readily-operational and connected service provider in case there is an issue,” Appana says. “That way if the first provider is down or not reachable, the requests can try the secondary servers.”

For retailers that can’t manage or afford to use several providers at once, he recommends having ready access to a back-up provider. While this won’t fix the problem as quickly, it’s a less expensive way to mitigate risk, he says.

 

“No provider is 100% problem free. The best option for any company is to take a proactive approach and take the necessary steps for their own service, technology and business,” Appana says.

 

Comments

Sign In to Make a Comment

Comments are moderated by Internet Retailer and can be removed.

Not a member? Signup for free today!

Advertisement

Advertisement

Advertisement

Relevant Commentary

FPO

Jason Squardo / Mobile Commerce

Five tips for achieving high mobile search rankings

Searches on mobile devices will soon exceed those on computers, Google says. Retailers that keep ...

FPO

Sergio Pereira / B2B E-Commerce

Quill turns to its B2B customers for new ideas

Coming in April is a new section of Quill.com that will let customers and Quill ...

Advertisement