December 29, 2009, 12:00 AM

E-retailers can avoid the Internet attacks Amazon.com experienced

The world’s largest e-retailer may not be immune to hackers but some smaller e-retailers were able to avoid the disruptions that Amazon.com ran into last week when its domain name system operator, Neustar Inc., was hit with a denial of service attack.

 

The world’s largest e-retailer may not be immune to hackers but some smaller e-retailers were able to avoid the disruptions that Amazon.com ran into last week when its domain name system operator, Neustar Inc., was hit with a denial of service attack.

 

The attack affected Amazon.com Inc. consumers in northern California by denying them access to web sites that use the UltraDNS domain name system operated by Neustar, says Amazon, No. 1 in the Internet Retailer Top 500 Guide (a PDF version of the company’s financial and operating profile can be ordered by clicking on its name). The attack took down Amazon’s S3 Simple Storage Server and Amazon’s EC2 Elastic Compute Cloud service, which provides Internet-based computing services, as well as Amazon.com.

 

However, electronics e-retailer Newegg.com says it was able to shift traffic away from Neustar and minimize the impact.

 

“Our systems actually handled the issue extremely well and we are happy to say we were well prepared. We were able to shift traffic and minimize the impact. We estimate the site was affected for less than five minutes and the issue had no global effect on our platform,” says Bernard Luthi, vice president of marketing and merchandising at Amazon, No. 9 in the Internet Retailer Top 500 Guide.

 

Netflix also says it experienced “minimal, if any disruptions” but didn’t provide more details.

 

In a distributed denial of service attack, such as the one domain name system operator Neustar experienced last week, computer network hackers send numerous requests to connect to web systems, overloading the system and causing it to perform slowly or become unresponsive, says Marc Appana, senior consultant at retail consultancy Fit For Commerce.

 

E-retailers can mitigate risks of such attacks by using several domain name service providers, he says. However, many web sites use a single provider, which supplies multiple domain name servers for general requests. If those domain name servers are tied to the same provider, retailers can’t reroute or mitigate the problem themselves. That’s why e-retailers that can afford it, or have the expertise, should use services from several providers, including a few connected to a different root server than their primary domain name service provider, says Appana.

 

“A reliable solution is to have a secondary, hot, readily-operational and connected service provider in case there is an issue,” Appana says. “That way if the first provider is down or not reachable, the requests can try the secondary servers.”

For retailers that can’t manage or afford to use several providers at once, he recommends having ready access to a back-up provider. While this won’t fix the problem as quickly, it’s a less expensive way to mitigate risk, he says.

 

“No provider is 100% problem free. The best option for any company is to take a proactive approach and take the necessary steps for their own service, technology and business,” Appana says.

 

comments powered by Disqus

Advertisement

Advertisement

Advertisement

From IR Blogs

FPO

Bryan Gudmundson / E-Commerce

Which incentives are best at saving the sale?

It’s not necessarily the most valuable incentive that converts the best, a case study shows. ...

FPO

Heather Smith / E-Commerce

Taking advantage of the sharper marketing tools from Pinterest

Pinterest’s revamped private messaging system gives retailers more options for directly connecting with influential and ...

Advertisement