GoDaddy Outage: Anonymous Attack Or IT Failure?

If hacktivists werent behind the six-hour outage, as GoDaddys CEO contends, they may still have taken advantage of the situation.

Whats worse for a website hosting company: getting taken down by hackers, or failing to properly configure your network, sparking downtime and lost revenue for customers?
The CEO of website hosting service Go Daddy has said that the companys six-hour outage Monday had nothing to do with a hacktivist, despite a hacker having claimed credit for launching a
distributed denial-of-service attack
(DDoS) that scuttled the Go Daddy network.
The service outage was not caused by external influences. It was not a hack and it was not a denial of service attack (DDoS). We have determined the service outage was due to a series of internal network events that corrupted router data tables,
said Go Daddy CEO Scott Wagner
, in a statement. At no time was any customer data at risk or were any of our systems compromised.
Wagner apologized to Go Daddys customers for providing less than 99.999% uptime in our DNS infrastructure, and said the company was working to prevent a recurrence. Once the issues were identified, we took corrective actions to restore services for our customers and GoDaddy.com. We have implemented measures to prevent this from occurring again.
[ Your employees are a critical element in securing your systems. Learn
Why Security Policies Fail, How To Make Them Work
. ]
In the wake of the outage, the CEO of one Go Daddy customer, RunningShoes.com, told United Press International that the downtime had been devastating for his company, resulting in up to
$50,000 in lost sales
. He said he was weighing moving his companys 10 retail websites to another hosting provider.
As this GoDaddy outage reveals, misconfigured network devices and improper changes can be just as dangerous to the stability of our networks as the latest attacks, said Sam Erdheim, director of network security strategy for network security management company AlgoSec, in an emailed statement. Organizations should take a step back to ensure its processes are in order and its devices are securely configured to avoid these situations in the future.
The GoDaddy hacking denial sees the credibility of Anonymous--which rarely takes credit for
attacks it doesnt commit
--stretched thin, especially after its AntiSec arm claimed that it had
stolen one million Apple UDIDs
from the laptop of an FBI agent. But that breach was in fact later traced to a Florida-based app publisher
called BlueToad
, and had nothing to do with the bureau.
In the wake of Wagners statement, however, the hacktivist collective Anonymous has distanced itself from claims that one of its number had launched a DDoS attack against Go Daddy. In a statement Tuesday, released
via Pastebin
--and distributed via the
AnonOpsLegion
Twitter account--the group admitted that it was unclear whether Go Daddy had been taken down by one of its number or not, although it attempted to spin the outage anyway. Many of us have concluded that Go Daddy was taken down because of its support for SOPA, the Stop Online Piracy Act, it said, and called on the ninety nine percent to boycott Go Daddy and remove (sic) there (sic) hosting to another domain name servers (sic).
But in a Tuesday Twitter post,
Anonymous Own3r
, the self-described security leader of Anonymous, claimed to have broken into a Go Daddy website database and obtained source code, which he claimed to have shared via file-sharing networks. In a
Pastebin post
, Anonymous Own3r said hed found 53 SQL injection flaws on the Go Daddy website, which hed been able to use to gain access to the site, apparently following the network outage.
Those claims couldnt be verified, as a link to the stolen data--hosted at the ISA filehost website--returned an error message, saying the uploaded file had been deleted. Anonymous Own3r also
released an image
--although it could easily have been a doctored screenshot--purporting to show the About Go Daddy Web page having been defaced with the words Hacked by Own3r. Notably, however, the hacker didnt claim that hed accessed production systems, or attempted to launch a DDoS attack against the Go Daddy network.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps