This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Find out more hereX

Home > Discussion Forum

Discussion Forum

Martin Martin is offline
Connector
Join Date: Jul 2002
Location: Luton, Bedfordshire
Posts: 2,726
WorldPay struggles under DDoS attack

WorldPay struggles under DDoS attack (again) as reported at The Register

WorldPay, the Royal Bank of Scotland's internet payment transaction outfit, is continuing to fight a sustained internet attack which has left its services largely unavailable for a third successive day.

Since Saturday (2 October), WorldPay's online payment and administration system has been reduced to a crawl, due to a malicious DDoS attack by unidentified computer criminals. A spokesman for the company stressed that although is fighting a serious "denial-of-service" attack, its systems is uncompromised and customer data remains secure. "We are processing transactions securely but the attack is blocking our ability to operate normally. We apologise unreservedly for any convenience caused," he added. WorldPay's techies are working overtime to restore service but can't say when normal service will be restored.
Click Here

In a notice to customers on Saturday (2 October), WorldPay said: "We regret that access to our payment and administration systems is severely disrupted due to a planned and large scale Denial of Service (DDOS) attack by a third party. Our payment and administration systems are working, safe and secure, but the networks around them are being flooded with requests on a huge scale, causing 'service denials'. We are processing payments, but far slower and fewer than we normally would.

"We are executing our contingency plans to move to full restoration of the service but cannot at this point in time predict when all customers will have the service restored without further interruption. While attacks of this type can be anticipated, it does take time to identify and deal with the exact nature of a particular attack. We are doing everything that is possible to restore a full service as soon as is possible," it added.

Users are advised to check WorldPay's customer service portal for updates. WorldPay was the subject of a similar three-day long denial of service attack last November.

One Reg reader writes: "Looks like they have not learned much from last year/s dos attack as the service has been down for most of the day. We have lost thousands in orders."

A WorldPay spokesman said the vast majority of customers had been supportive and understanding. He noted that many businesses had experienced DDoS attacks in recent months. Many of these attacks have been linked to extortion attempts, but WorldPay declines to say if it has received any demands from its attackers.


Looks like a Payment Processors reputation is also something to consider when looking for there service.

As are there backup plans for such attacks. WorldPay, maybe (i think it must be) the biggest Provider backed by the RBOS who made billions in profit last year can't provide a normal service after 3 days. We can look at other DDOS attacks recently like the Microsoft one, which they survived. (Partly due to the prat doing the ddos picking the wrong url) but also due to their network design. Which allowed them to filter the packets.

Anyways, I don't think it would hurt if customers here fired off there views of backup plans to them, as this is the second time. And people are losing money!


Martin
Reply With Quote
MINI MINI is offline
Starting Out
Join Date: Sep 2004
Posts: 16
Lets hope for others sakes that this blows over a.s.a.p the last thing a fledgling seller needs is his "secure" merchant account under attack by theiving bar-stewards.

Thanks for the heads up!
__________________
Do not blame god for having created the tiger, but thank him for not giving it wings!
Reply With Quote
hirstys hirstys is offline
Connector
Join Date: Oct 2002
Posts: 554
Indeed

Although I think that Vodaphone, etc, (worldpay clients) will be doing a fair bit of "firing off" themselves, likely with a bigger impact too.

I first met the Worldpay team when they were a small organisation touting for business in the early .com boom days, 2 directors came to our offices... wouldnt see that now.

I have no doubt that they have invested a huge amount in preparing for such attacks. Sadly its not as simple as "filtering packets"

As you will have read there are alleged to be a large number of "ransom" demands against online bookies and gambling sites in particular by organised gangs. A DOS attack can be quite sophisiticated and can knock even the most well prepared companies out of action.

I think that what we really need is for some decent investment in corss border policing of this kind of issue. As it tends to come from overseas its a minefield to get any kind of action let alone a prosecution and until the online business community is better represented in the commons, this kind of thing is going to go on with little risk to the perpetrators.

I say: Lobby your MP! Write them a letter, tell them that your business is suffering as a result of the lack of policing of such issues and refer them to this incident. With enough pressure maybe some more resources will be pumpe dinto combatting such attacks.

Regards


James
Reply With Quote
openmind's Avatar openmind openmind is offline
Connector
Join Date: May 2004
Location: In front of my computer
Posts: 3,480
As James pointed out, I don't think that WorldPay can be held responsible. Remember the DDOS attack that bought Google down earlier this year?

It goes to show that any site, no matter how big, can be brought down by determind scumbags...

I have no doubt that WP are working flat out to get thjings back to normal, I have been getting regular email updates from them...

One point to note though is that the securoty of their systems has not been compromised just the processing side...
Reply With Quote
openmind's Avatar openmind openmind is offline
Connector
Join Date: May 2004
Location: In front of my computer
Posts: 3,480
Just got thi8s from WorldPay...
Quote:
Dear Customer,




Most customers now have normal access to our payment and administration systems while some may still be experiencing intermittent access.

Although the attack has been sustained for several days, we have been able to process more than 80% of the payments we would normally process. However, with this type of attack, different customers will be affected at different times and to varying degrees. We continue to combat the attack and mitigate its impact, but cannot at this point predict when our service will be restored without further interruption.

Please advise your customers to try again if a first attempt to make payment does not succeed.

Further updates on this incident will be provided on the Customer Management System portal page at www.worldpay.com/admin.

Yours sincerely


Thank you,
Ann Clarke
Customer Operations Director
WorldPay Limited
Loooks like things are getting back to normal now...
Reply With Quote
MINI MINI is offline
Starting Out
Join Date: Sep 2004
Posts: 16
Oh no, the victims can never be held responsible and I am aware that anything remotely near a computer is a potential target. However it remains disconcerting that a company on whom you depend for your livelyhood can be layed low apparently at will!

I am all for better ability to prosecute these gits internationaly because web crime is borderless.
__________________
Do not blame god for having created the tiger, but thank him for not giving it wings!
Reply With Quote
openmind's Avatar openmind openmind is offline
Connector
Join Date: May 2004
Location: In front of my computer
Posts: 3,480
Quite agree. As a web host we have multiple barriers in place against DDOS attacks as we know the effect it could have on our clients so I have no doubt that WP have an even greater level of protection...

Trouble is that it doesn't matter how big or small you are, these b**tards can still get you
Reply With Quote
JayKay's Avatar JayKay JayKay is offline
Connector
Join Date: Jan 2006
Location: Bedfordshire, UK
Posts: 383
When I subscribed to WorldPay I knew things like this could happen ...
Reply With Quote
Martin Martin is offline
Connector
Join Date: Jul 2002
Location: Luton, Bedfordshire
Posts: 2,726
Re: Indeed

Quote:
Originally posted by hirstys
I have no doubt that they have invested a huge amount in preparing for such attacks. Sadly its not as simple as "filtering packets"
Actually it's all to do with filtering packets. (read more here http://www.openbsd.org/faq/pf/filter.html)

If your getting loads of requests to your servers you lose performance, but some of these are real, so you filter those of others you can see are fake, by packet content or ip/port.

By filtering (fake requests/packets/ip's) you reduce the amount of packets processed by the cpu keeping the server at it's best.

I bet WorldPay have some really big iron running there backend, but the fact remains redundancy is not a given with payment processors.

Maybe it's time for E-Commerce owners to put there own backup systems in place if the costs ever outweigh the expense.

(Ps. Google runs on off the shelf components - little white x86 boxes, i'd expect there boxes to go down before someones like WorldPays who has loads of people depending on it)
Reply With Quote
swhiting swhiting is offline
Connector
Join Date: Dec 2003
Location: Ol'Suffolk
Posts: 235
whatever happens, whether packets are filtered or not, the DDoS packets are reaching the border routers (where they get filtered) and so saturating the bandwidth bottleneck going to WorldPay - stopping real traffic.

Also, how do you identify a few thousand attacking computers to real visitors?

DDoS attacks are notoriously difficult to stop as the quantity and volume is usually so great.
__________________
S.Whiting (UK)

I'm not lazy. I just can't be arsed to do pointless things.

- syIT Amazon Tools - Increase your Amazon Associates revenue using webservices without the hassle.
- HotSpotter - UK Wireless Networking Portal
- Jam Shop - Buy quality preserves and marmalades
- Audiologue.com - Online HiFi and Home Cinema Shop

Reply With Quote
DanielMilne DanielMilne is offline
Newbie
Join Date: Mar 2009
Posts: 1
For protection from ddos you should go with gigabitdc.com which have great expierence about DDoS, I will confirm that soon ( I just purchased a protected server from them )
Reply With Quote
MikeTye MikeTye is offline
Connector
Join Date: Mar 2007
Location: Meopham, Kent
Posts: 220
Ermmm, its nearly 5 years since this happened lol
Reply With Quote
Eagle's Avatar Eagle Eagle is offline
Connector
Join Date: Jul 2004
Location: UK
Posts: 1,632
Bring forth the ban hammer.
__________________
Logo Design Vector Conversion - Eagle Imagery
UK Business Labs - Creating chemistry between business people
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT +1. The time now is 05:22 AM.


Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd. Copyright Shell LiveWIRE 2005-2009