Skip to main content

WordPress suffers devastating DDoS attack

old-wordpressPopular blog publishing platform WordPress.com suffered the most serious distributed denial of service (DDoS) attack in its history yesterday. While it is so far unknown who launched the DDoS, the company says they believe it to have been “politically motivated.”

“There’s an ongoing DDoS attack that was large enough to impact all three of our datacenters in Chicago, San Antonio, and Dallas — it’s currently been neutralized but it’s possible it could flare up again later, which we’re taking proactive steps to implement,” WordPress founder Matt Mullenweg told TechCrunch. “This is the largest and most sustained attack we’ve seen in our 6 year history. We suspect it may have been politically motivated against one of our non-English blogs but we’re still investigating and have no definitive evidence yet.”

The attack caused temporary disruption to many of the approximately 30 million websites WordPress serves — sites like TechCrunch, CNN, CBS and yours truly, Digital Trends. WordPress-powered sites make up 10 percent of all websites in the entire world.

So who launched the attack, and why?

Sadly we don’t currently know. These days, DDoS has become nearly synonymous with hacktivist group Anonymous, which used this type of attack to take down a wide variety of websites, including the corporate sites of Visa and Master Card. But there’s so far no evidence to pin this particular attack on Anon — and none of their standard press releases that are usually published in conjunction with Anonymous campaigns of upheaval.

WordPress has a large number of “non-English blogs” on its network, so that only narrows things down slightly. And if you haven’t already noticed, there’s a lot of “politically motivated” disruption going on throughout the world right now, with varying degrees of social unrest sweeping through many countries in the Middle East and northern Africa, and spreading to countries in Asia. These political dissidents are increasingly using blogging and other self-publishing outlets to organize protests and get word of their struggles out to the rest of the world, so it’s possible that one of the contended governments orchestrated the attacks for their own purposes.

In fact, WordPress.com was not the only site to be targeted in a DDoS attack yesterday; the government of South Korea issued a cyber security alert stating that the websites of 29 government and other agencies had been affected by DDoS. Those sites included those of “the presidential Blue House, the US forces, the military Joint Chiefs of Staff, the ministries of foreign affairs, defense and unification, parliament and the tax office,” AFP reported.

It’s unclear whether the attack on WordPress.com and on those listed above are related. But if they are, it’s obvious this wasn’t just the work of someone upset with the latest WordPress CMS update.

Editors' Recommendations

Topics
Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
Cloudflare just stopped one of the largest DDoS attacks ever
Hands on a laptop.

Cloudflare, a company that specializes in web security and distributed denial of service (DDoS) attack mitigation, just reported that it managed to stop an attack of an unprecedented scale.

The HTTPS DDoS attack was one of the largest such attacks ever recorded, and it came from unusual sources -- data centers.

Read more
Microsoft stopped the largest DDoS attack ever reported
Nvidia T4 Enterprise Server Wall

Distributed Denial-of-Service (DDoS) attacks have become more common, and Microsoft recently published a blog post looking into the trends for such attacks on its own servers. In that post, the company says that, at one point, it stopped one of the largest-ever-recorded DDoS attacks on a Microsoft Azure server in Asia.

According to Microsoft's data, in November, an unnamed Azure customer in Asia was targeted with a DDoS attack with a throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps.) The attack came from 10,000 sources from multiple countries across the globe, including China, South Korea, Russia, Iran, and Taiwan. The attack itself lasted 15 minutes. Yet it is not the first one of such scale, as there were two additional attacks, one of 3.25 Tbps and another of 2.55 Tbps in December in Asia.

Read more
Cloudflare reports a massive 175% increase in DDoS attacks
Person using laptop with security graphics in front.

Cloudflare, a web infrastructure and security company, has just released a report titled "DDoS Attack Trends for Q4 2021." According to Cloudflare, 2021 has been a particularly bad year in terms of DDoS attacks.

Ransom distributed denial of service (DDoS) attacks increased by over 175 percent quarter over quarter, highlighting the large scale of the problem described by Cloudflare.

Read more