January 12, 2012, 9:57 AM

FoundationSource.com fends off a web attack

The management firm enlisted reinforcements to quell a denial of service attack.

Lead Photo

Foundation Source Philanthropic Services Inc., a management firm for private foundations, in September found that its clients couldn’t load pages on its web site, FoundationSource.com, or log in to their accounts to make grants.

Investigating the problem, the management firm found that hackers were overwhelming its network with more than 6,000 simultaneous requests for pages, roughly 10 times the site’s typical 600 simultaneous requests. “We knew we were under some kind of automated attack,” says Gerry Battista, vice president of information technology operations for the management firm.

The Foundation Source team initially fought the denial of service attack through its firewall and began identifying and blocking page requests coming from suspect Internet protocol addresses, and all I.P. addresses located outside the U.S. Battista says the efforts helped slow the attack over the next two days, before a surge came back stronger than before. The attack, which started on a Friday evening, had Foundation Source calling for reinforcements by Sunday evening. The company enlisted Prolexic Technology Inc., a distributed denial of service mitigation vendor, to help.

Prolexic rerouted the site’s traffic through Prolexic servers, which were able to identify and sort legitimate site traffic from the traffic generated by the attack, which it blocked. By Monday evening, the attack was over and FoundationSource.com was again fully available to legitimate traffic.

Battista says Foundation Source was fortunate that the attack, if it had to happen, occurred on a weekend when fewer clients would be trying to access the site. “An attack during the week would have been a different story, because having the site inaccessible would have damaged our client relationships,” he says, adding that the company has no idea why hackers chose to attack FoundationSource.com. “We had never been attacked before, but it can happen to anyone,” Battista says.

comments powered by Disqus

Advertisement

Advertisement

Advertisement

From IR Blogs

FPO

Patrick Smarzynski / E-Commerce

What the changes at eBay mean for sellers

The online marketplace introduced new rules for sellers last month. It’s crucial that sellers understand ...

FPO

Mark Feinstein / E-Commerce

A quick guide to global e-commerce opportunities

Consumers in many countries are buying more online each year. Understanding the nuances of each ...

Advertisement