Last month during a random Friday morning the Keystroke team started noticing email services behaving erratically. It wasn't long before we noticed that all our websites were timing out, as well. Our Internet was working fine, but our email and production websites were inaccessible. It took about 30-minutes before we discovered our data center was under attack.
A DDOS attack.
In the 25-years Keystroke has been around, this is only the second time we've been hit like this, and the first time we received an actual ransom demand. Thankfully our team is much bigger and more talented this time around, and we have a few more resources at our disposal than we did 8-years ago during the last attack, but ti was still a learning opportunity. Since most of the people reading this won't have some fo the technical talent at their disposal as I did, I thought I'd share some lessons learned:
Some of the people reading this were effected by this outage, and for that we apologise. We've migrated all our production services to Azure to reduce our future vulnerability, which isn't the most economical hosting method, but certainly amongst the safest.