Cyberattacks target Boston Globe

Website, internal software hit for second day

By Hiawatha Bray

Globe Staff

The Boston Globe was hit with a second day of attacks by unknown cyberassailants Thursday, leaving bostonglobe.com and the company’s other websites unavailable for parts of the day.

The Globe’s websites and internal servers were subjected to a distributed denial-of-service, or DDoS, attack, one of the most common forms of computer vandalism. DDoS attackers commandeer hundreds or thousands of computers and other digital devices that are owned by law-abiding users around the world.

These machines are secretly infected with malware that allows attackers to create a so-called botnet that can swamp a target with so much data that its networks become overwhelmed and cannot operate.

Kevin Whalen, a spokesman for digital security company Arbor Networks Inc. of Burlington, said his company has tracked 7.1 million DDoS attacks this year, or about 23,000 a day. Whalen said such attacks have become more common because almost anyone with Internet access and a few dollars can launch them.

“For very short dollars, you can hire someone with a botnet infrastructure to launch an attack against someone you’re upset with,’’ Whalen said.

As of Thursday afternoon, nobody knew who attacked the Globe network or why. Many DDoS attackers are never identified.

Wade Sendall, the Globe’s vice president of information technology, said the first attack came around 3 p.m. Wednesday. “We think it was a probe,’’ he said, aimed at testing the Globe network’s defenses and figuring out the best ways to get past them. Even so, the probe repeatedly disrupted the newspaper’s telephones and the editing system used to prepare content for print and online editions.

The attacks resumed around 11 a.m. Thursday, making it impossible for many Globe employees to do their jobs and rendering bostonglobe.com inaccessible for many readers. By mid-afternoon, Globe technicians and specialists from the company’s Internet provider had set up effective defenses.

“It’s been mitigated for the time being,’’ Sendall said, “but there’s no reason to think they won’t come back.’’

Indeed, Internet security engineers have been fending off DDoS attacks for two decades. While they’ve gotten better at it, the risk of such attacks can never be entirely eliminated.

“It will always be possible to do this,’’ said Theresa Abbamondi, an Arbor director of product management. “As long as you can send traffic to someone, which is the point of the Internet, you can always send too much traffic.’’

Hiawatha Bray can be reached at hiawatha.bray@globe.com. Follow him on Twitter @GlobeTechLab.